Looking through options for sanitizing HTML, I found my way to the following library.

See: https://github.com/mganss/HtmlSanitizer

HtmlSanitizer uses a whitelist approach to HTML sanitization, which is more secure in that there is less scope for missing dangerous tags and attributes. It also works well in a markdown context where a limited set of known tags will make up the output HTML.

If you want to allow additional tags and attributes to remain in the output HTML, you can configure the HtmlSanitizer class as follows:

var sanitizer = new HtmlSanitizer();
sanitizer.AllowedAttributes.Add("class");
var sanitized = sanitizer.Sanitize(html);

Rick Strahl’s…


Why?

I’ve designed this ILogger implementation to solve an issue I encountered today where the code I was working on wasn’t logging errors when the error occurred in a background thread. It was failing silently because unless you configure NLog specifically to throw exceptions, it won’t.

The principal issue in my case was that the usual ILogger<T> instance instantiated in the class constructor wasn’t available because the controller object on the main thread had disposed before the thread had completed. Fair enough. I then tried creating an instance of ILogger<T> via a service locator within the thread. …


I find that at times the standard TypeScript/JavaScript callback pattern can make code hard to read and manage. To alleviate this problem, we can wrap callbacks with promises to synchronise the call. Going a step further, we can implement async / await to further improve code readability. This is especially true if, like me, your primary programming language is OO like C# or Java.

In the below example, I’m working with NeDB, a JS database. Operations in NeDB follow the standard callback pattern. The standard callback pattern in the docs looks like this:

db.findOne({'name': 'draupnir'}, function (err, doc) {
console.log('findOne …

Database deadlocks were suspected in a large .NET Core project with around 50 transaction blocks.

To help pinpoint the source of the transaction as quickly as possible, I designed this set of utility classes to wrap calls to transaction method calls and set a limit on how long they can take to complete. Failure to complete within a given time (10 seconds as configured below) should result in logging out and an exception being thrown. The stack trace is included to help identify the source of the problem.

This is a destructive process in that it requires you to modify…

Gareth Brown

Software Engineer doing software around abouts the South West UK
