In my application (ASP.NET) i have to localize the page. In the top corder there are classic flag interface to choose among supported languages.
Each flag has it own language calculated server side (i need to tranlsate also the page slug) so :
en : mysite.com/customer_support?language=en
de : mysite.com/benutzer-support?language=de
As you can see also the link change (not only url parameter) so i have to do this localization server side, and procedee that way
<ul class="dropdown-menu" style="">
<% foreach (string languageCode in this.Configuration?.ActiveLanguages) {%>
<li>
<a class="dropdown-item nav-link text-nowrap" href="<%=_myUrlObject.Localize(languageCode).UpdateParameter("languageCode",languageCode )%>" >
<img src="/Images/Flags/<%=languageCode%>.svg" height="12" width="16" />
</a>
</li>
<% } %>
</ul>
Where _myUrlObject is an instance of custom class that basically act similary to Uri class but let me localize the slug.
Problem is that class does not handle query string that survive as it arrive from client.
So if i receive :
mysite.com/customer_support?language=en&someEvilData
I will produce the flags including someEvilData sent by the client.
It seems to me that whatever it come, it's urlencoded, but i ask myself if there is some character combination that may escape the href quote, leading to XSS :
<%=_myUrlObject.Localize(languageCode).UpdateParameter("language",languageCode )%>" > //eg : de
|
V
href="mysite.com/benutzer-support?language=de&someEvilData" >
Seems to me that because all query strings are url encoded, is not possible to evade href quotes, but it's a my guess and i am not sure. Is there something i need to be concerned?
Related
I have a string containing a list of html tags with invalid tag formatting.
For example, I have a string such as that below:
<p>
<strong>Scale:</strong>
</p>
<p>
<ul style="list-style-type:disc" class="pl-2">
<li>2 to 4 nodes</li>
</ul>
</p>
<p>
<strong>Single Node Data:</strong>
</p>
<p>
<ul style="list-style-type:disc" class="pl-2">
<li>CPU: 6-26 cores (Intel)</li>
<li>RAM: 128GB to 2TB</li>
<li>Raw storage: 240GB to 16TB</li>
<li>Storage type: SSD + HDD</li>
<li>Network speed: Up to 25Gb</li>
</ul>
</p><img src="xxxxx"/>
I need to replace the tags ending with /> to </img>, such that <img src="xxxxx"/> would be replaced with <img src="xxxxx"></img>.
How would I achieve this using C#?
For what you are asking, you can go with either one of the following options
Option 1
You can use a 3rd party library that parses your HTML into tags (it actually renders it as XML) and separate each tag (and its content) in a string array/list
then you loop the list and check if the closing tag is proper, if not replace it with the proper one.
Here is the library
Option 2
You can create your own html parser, which would give you more control over the parser's logic, i found this example of C# HTML parser on CodeProject you can check it out.
I have a strange issue that I can't seem to debug. I have some Bootstrap Tabs, that have Action Links in like so:
<div class="page-tabs">
<ul class="nav nav-tabs">
<li class='#(actionName.ToLower() == "viewamendments" &&
controllerName.ToLower() == "songsmanagement" ? "active" : "")'>
Old Song
</li>
</ul>
But for some reason when I go to the URL /SongManagement/ViewAmendments the tab is styled correctly but in the Console using Chrome it's not appending the href attribute instead of its showing:
<a data-container="body" data-toggle="tooltip" title="" data-original-title="Old Song">Old Song</a>
I have cleaned the solution in VS2017 and Rebuilt it, I have also Cleared the browser cache and hard reset. Also tried in Incognito.
Any advice on what it could be?
Turns out that it was due to the controller name, not being found. A simple change, but usually it won't append the href tag when it can't find the method in the controller.
can you please try with
data-target='#Url.Action("ViewAmendments", "SongManagement")'
Add this attribute in your anchor tag and try again.
I have an unsorted html list in form of of a string like this:
<ul class="localizations">
<li>
English
</li>
<li>
German
</li>
<li>
French
</li>
</ul>
(note that the href attribute can be completely arbitrary)
Now I am looking for a way in my View to parse this string in a way that will result in an array that has the link text as index, and the link's href attribute as value, so I can later use ... to get the german link, etc.
I'm also thinking about using this to generate rel="alternate" hreflang="x" links in the <head> so I can't use JS at runtime but have to do this in c#/razor in the masterpage when the page is created.
I am rather new to asp.net/c#/mvc, could somebody please point me in the right direction?
My project is an asp.net and it has a master page that contains a list
<ul id="navigation">
<li id="li1" runat="server" class="selected">Events</li>
<li id="li2" runat="server">Add Event</li>
<li id="li3" runat="server">Profile</li>
<li id="li4" runat="server">Friends</li>
<li id="li5" runat="server">Find Friends</li>
<li id="li6" runat="server">Schedual</li>
<li>
<asp:LinkButton ID="LogOutButton" runat="server" OnClick="LogOutButton_Click">Log Out</asp:LinkButton>
</li>
</ul>
The selected class (css class) has a picture this picture tells the user on which page he is. How can I change this class using javascript or C# when I navigate?
I don't have a good experience with javascript
document.getElementById("li6").className = "whatever";
Should work/
$("#li1").addClass("selected");
Will work.
Example
This is very simply in JavaScript/jQuery.
But if this is for navigation, meaning it needs to be updated when you display a new page, I would do this in the markup from the server.
You didn't say much about how you are serving this page. But both ASP.NET WebForms and MVC allow you to control the HTML served in a number of different ways.
You can set for all your li tags classes like this for example:
<li class="li">
... content of the tag
</li>
and in your javascript you can add to all elements with class "li" some other class:
$(".li").addClass("classYouWantToAdd");
and in the css file:
.li
{
... needed css for the class
}
here is another post that tells you how to get elements by classname
Selecting a div by classname
I use asp.net 4 and C#.
I have some nested Master Pages; I display in my Content Page a list of Links using a repeater.
This is a sample of code generated by ASP.NET as read in the Source code in the Browser.
As you can see the ID is very lengthy.
My question:
How can I have control on the ID generated, so I can chose another format much shorter?
Please keep in mind that I cannot get rid of Master Pages for my layout.
Thanks for your help on this!
<li>
<a id="ContentBody_ContentColumn2_latestArticle_uxRepeaterLatestArticles_uxLink_0" href="Category.aspx?CategoryId=8">AAAAA</a>
</li>
<li>
<a id="ContentBody_ContentColumn2_latestArticle_uxRepeaterLatestArticles_uxLink_1" href="Category.aspx?CategoryId=12">BBBBB</a>
</li>
I would like instead an ID like:
ID="CB_CC_LA_R_0"
ID="CB_CC_LA_R_1"
Useful article:
http://www.west-wind.com/weblog/posts/2009/Nov/07/ClientIDMode-in-ASPNET-40
http://msdn.microsoft.com/en-us/library/system.web.ui.control.clientidmode.aspx
http://beyondrelational.com/blogs/hima/archive/2010/07/16/all-about-client-id-mode-in-asp-net-4.aspx
Replace the asp:HyperLink with plain HTML anchor tag and use following markup for it:
<a id='CB_CC_LA_R_<%# Container.ItemIndex %>' href='<%# Eval("IndexPropertyName", "Category.aspx?CategoryId={0}") %>' >
<%# Eval("TextPopertyName") %>
</a>