Json Sanitization for C#

Question

Json Sanitization for C#

neerajknextgen opened this issue 4 years ago · comments

Neeraj Chahal commented 4 years ago

Do you have C# version for this ?

Jim Manico · Answer 1 · Wed May 13 2020 21:20:07 GMT+0800 (China Standard Time)

No but we welcome contributions!

…

-- Jim Manico @manicode Secure Coding Education +1 (808) 652-3805

On May 13, 2020, at 3:46 AM, neerajknextgen ***@***.***> wrote: Do you have C# version for this ? — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe.

Cristian · Answer 2 · Wed Sep 02 2020 11:28:07 GMT+0800 (China Standard Time)

The new (3.x) netcore JsonSerializer comes with an optional JavaScriptEncoder that you could use.
In my case, I set it at the controller level when configuring the services and it does the job. I tested it using various ways of injecting HTML/JS and it seemed to work well.

Just an example:

services.AddControllers().AddJsonOptions(options =>
            {
                options.JsonSerializerOptions.Encoder = JavaScriptEncoder.Default;
            });

Anyway, you may find it useful.

Cheers!

Manas · Answer 3 · Fri Feb 12 2021 20:03:17 GMT+0800 (China Standard Time)

Hi, Can anyone help me to sanitize my json in Asp.Net Core

Yemliha Öner · Answer 4 · Fri Nov 04 2022 14:19:48 GMT+0800 (China Standard Time)

Hi guys, we wrapped this package into NuGet package and published. JsonSanitizer is now available on C#.