Added demos for TExpression, TStatements, TSafeHtml and TTextHighlighter.

1 files changed, 19 insertions, 0 deletions

diff --git a/demos/quickstart/protected/pages/Controls/SafeHtml.page b/demos/quickstart/protected/pages/Controls/SafeHtml.page
index 16561672..565c8251 100644
--- a/demos/quickstart/protected/pages/Controls/SafeHtml.page
+++ b/demos/quickstart/protected/pages/Controls/SafeHtml.page
@@ -3,4 +3,23 @@
 <h1>TSafeHtml</h1>

 <com:DocLink ClassPath="System.Web.UI.WebControls.TSafeHtml" />

 

+<p>

+<tt>TSafeHtml</tt> is a control that strips down all potentially dangerous HTML content. It is mainly a wrapper of the <a href="http://pixel-apes.com/safehtml/">SafeHTML</a> project. According to the SafeHTML project, it tries to safeguard the following situations when the string is to be displayed to end-users:

+</p>

+<ul>

+  <li>Opening tag without its closing tag</li>

+  <li>closing tag without its opening tag

+  <li>any of these tags: base, basefont, head, html, body, applet, object, iframe, frame, frameset, script, layer, ilayer, embed, bgsound, link, meta, style, title, blink, xml, etc.</li>

+  <li>any of these attributes: on*, data*, dynsrc</li>

+  <li>javascript:/vbscript:/about: etc. protocols</li>

+  <li>expression/behavior etc. in styles</li>

+  <li>any other active content.</li>

+</ul>

+

+<p>

+To use <tt>TSafeHtml</tt>, simply enclose the content to be secured within the <tt>TSafeHtml</tt> component tag in a template. The content may consist of both static text and PRADO controls. If the latter, the rendering result of the controls will be secured.

+</p>

+

+<com:RunBar PagePath="Controls.Samples.TSafeHtml.Home" />

+

 </com:TContent>
\ No newline at end of file