public static string SanitizeMessageInput(string message)
{
HtmlDocument doc = new HtmlDocument();
doc.LoadHtml(message);
if (doc.DocumentNode != null)
{
HtmlNodeCollection imageDataNodes = doc.DocumentNode.SelectNodes("//img[contains(@src,'data:')]");
// strip out BASE64 encoded images in the message
if (imageDataNodes != null)
{
foreach (HtmlNode node in imageDataNodes.ToList())
{
if (node.Attributes["src"].Value.IndexOf("base64,") >= 0)
{
node.ParentNode.ReplaceChild(HtmlNode.CreateNode("<div class=\"tinyerror\">Inline Image removed from message, don't drag images into the message editor!</div>"), node);
}
}
}
// you can do more processing here to also strip out script tags and the like
return doc.DocumentNode.OuterHtml;
}
else
{
return message;
}
}
Re: Disable drag&drop uploads in Firefox
http://stackoverflow.com/questions/6708747/firefox-allows-desktop-image-files-to-be-dragged-in-to-ckeditor
public static string SanitizeMessageInput(string message) { HtmlDocument doc = new HtmlDocument(); doc.LoadHtml(message); if (doc.DocumentNode != null) { HtmlNodeCollection imageDataNodes = doc.DocumentNode.SelectNodes("//img[contains(@src,'data:')]"); // strip out BASE64 encoded images in the message if (imageDataNodes != null) { foreach (HtmlNode node in imageDataNodes.ToList()) { if (node.Attributes["src"].Value.IndexOf("base64,") >= 0) { node.ParentNode.ReplaceChild(HtmlNode.CreateNode("<div class=\"tinyerror\">Inline Image removed from message, don't drag images into the message editor!</div>"), node); } } } // you can do more processing here to also strip out script tags and the like return doc.DocumentNode.OuterHtml; } else { return message; } }Re: Disable drag&drop uploads in Firefox
http://www.youtube.com/watch?v=DVInjn51VYw