Open miguelisidoro opened 4 days ago
I can't repro. What does the call stack look like in the NullReferenceException?
Hi,
The call stack trace is the following:
System.NullReferenceException: Object reference not set to an instance of an object.
at AngleSharp.Css.Values.CssPeriodicValue1.get_CssText() at AngleSharp.Css.Dom.CssProperty.get_Value() at AngleSharp.Css.Dom.CssStyleDeclaration.TryCreateShorthand(String shorthandName, IEnumerable
1 serialized, List1 usedProperties, Boolean force) at AngleSharp.Css.Dom.CssStyleDeclaration.GetPropertyShorthand(String name) at AngleSharp.Css.Dom.CssStyleDeclaration.GetProperty(String name) at AngleSharp.Css.Dom.CssStyleDeclaration.CreateProperty(String propertyName) at AngleSharp.Css.Dom.CssStyleDeclaration.SetProperty(String propertyName, String propertyValue, String priority) at AngleSharp.Css.Parser.CssBuilder.CreateDeclarationWith(ICssProperties properties, CssToken& token) at AngleSharp.Css.Parser.CssBuilder.FillDeclarations(CssStyleDeclaration style, CssToken token) at AngleSharp.Css.Parser.CssParser.<>c__DisplayClass23_0.<ParseDeclaration>b__0(CssBuilder b, CssToken t) at AngleSharp.Css.Parser.CssParser.Parse[T](String source, Func
3 create)
at AngleSharp.Css.Parser.CssParser.ParseDeclaration(String declarationText)
at AngleSharp.Css.Dom.CssStyleDeclaration.Update(String value)
at AngleSharp.Css.Dom.ElementCssInlineStyleExtensions.CreateStyle(IElement element, String source)
at AngleSharp.Css.Dom.ElementCssInlineStyleExtensions.CreateStyle(IElement element)
at System.Runtime.CompilerServices.ConditionalWeakTable2.GetValueLocked(TKey key, CreateValueCallback createValueCallback) at System.Runtime.CompilerServices.ConditionalWeakTable
2.GetValue(TKey key, CreateValueCallback createValueCallback)
at AngleSharp.Css.Dom.ElementCssInlineStyleExtensions.GetStyle(IElement element)
at AngleSharp.Css.Dom.ElementCssInlineStyleExtensions.UpdateStyle(IElement element, String value)
at AngleSharp.Css.StyleAttributeObserver.AngleSharp.Dom.IAttributeObserver.NotifyChange(IElement host, String name, String value)
at AngleSharp.Dom.Element.SetupElement()
at AngleSharp.Html.Parser.HtmlDomBuilder.InCellEndTagCell(HtmlToken token)
at AngleSharp.Html.Parser.HtmlDomBuilder.Parse(HtmlParserOptions options)
at AngleSharp.Html.Parser.HtmlParser.Parse(HtmlDocument document, String stopAt)
at AngleSharp.Html.Parser.HtmlParser.ParseDocument(String source)
at Ganss.Xss.HtmlSanitizer.SanitizeDom(String html, String baseUrl)
at Ganss.Xss.HtmlSanitizer.Sanitize(String html, String baseUrl, IMarkupFormatter outputFormatter)
Thanks
Which versions of AngleSharp, AngleSharp.Css are you using?
Just AngleSharp, version 0.17.1. We don't use AngleSharp.Css (at least we dont have any nuget package in the project).
I also could not reproduce. For reference: https://dotnetfiddle.net/yaU6Dn - works just fine.
What do you suggest to find the reason and solve the error we are getting?
Hard to say. How is this code being called?
public class HtmlHelper
{
private static HtmlSanitizer HtmlSanitizer
{
get
{
HtmlSanitizer sanitizer = new();
// Add Tags
sanitizer.AllowedTags.Add("video");
sanitizer.AllowedTags.Add("source");
sanitizer.AllowedTags.Add("iframe");
// Remove Tags
sanitizer.AllowedTags.Remove("acronym");
sanitizer.AllowedTags.Remove("area");
sanitizer.AllowedTags.Remove("big");
sanitizer.AllowedTags.Remove("body");
sanitizer.AllowedTags.Remove("button");
sanitizer.AllowedTags.Remove("dir");
sanitizer.AllowedTags.Remove("font");
sanitizer.AllowedTags.Remove("footer");
sanitizer.AllowedTags.Remove("form");
sanitizer.AllowedTags.Remove("head");
sanitizer.AllowedTags.Remove("header");
sanitizer.AllowedTags.Remove("html");
sanitizer.AllowedTags.Remove("input");
sanitizer.AllowedTags.Remove("keygen");
sanitizer.AllowedTags.Remove("map");
sanitizer.AllowedTags.Remove("menu");
sanitizer.AllowedTags.Remove("menuitem");
sanitizer.AllowedTags.Remove("nav");
sanitizer.AllowedTags.Remove("optgroup");
sanitizer.AllowedTags.Remove("option");
sanitizer.AllowedTags.Remove("output");
sanitizer.AllowedTags.Remove("section");
sanitizer.AllowedTags.Remove("select");
sanitizer.AllowedTags.Remove("textarea");
sanitizer.AllowedTags.Remove("tt");
// Add Attributes
sanitizer.AllowedAttributes.Add("class");
sanitizer.AllowedAttributes.Add("allow");
sanitizer.AllowedAttributes.Add("allowfullscreen");
sanitizer.AllowedAttributes.Add("frameborder");
sanitizer.AllowedAttributes.Add("poster");
sanitizer.AllowedAttributes.Add("controls");
sanitizer.AllowedAttributes.Add("mention");
sanitizer.AllowedAttributes.Add("data-userid");
sanitizer.AllowedAttributes.Add("scrolling");
sanitizer.AllowedAttributes.Add("width");
sanitizer.AllowedAttributes.Add("height");
// Remove attributes
sanitizer.AllowedAttributes.Remove("accept-charset");
sanitizer.AllowedAttributes.Remove("accept");
sanitizer.AllowedAttributes.Remove("accesskey");
sanitizer.AllowedAttributes.Remove("action");
sanitizer.AllowedAttributes.Remove("autocomplete");
sanitizer.AllowedAttributes.Remove("autosave");
sanitizer.AllowedAttributes.Remove("axis");
sanitizer.AllowedAttributes.Remove("challenge");
sanitizer.AllowedAttributes.Remove("char");
sanitizer.AllowedAttributes.Remove("charoff");
sanitizer.AllowedAttributes.Remove("charset");
sanitizer.AllowedAttributes.Remove("checked");
sanitizer.AllowedAttributes.Remove("clear");
sanitizer.AllowedAttributes.Remove("compact");
sanitizer.AllowedAttributes.Remove("contenteditable");
sanitizer.AllowedAttributes.Remove("coords");
sanitizer.AllowedAttributes.Remove("dir");
sanitizer.AllowedAttributes.Remove("disabled");
sanitizer.AllowedAttributes.Remove("draggable");
sanitizer.AllowedAttributes.Remove("dropzone");
sanitizer.AllowedAttributes.Remove("enctype");
sanitizer.AllowedAttributes.Remove("for");
sanitizer.AllowedAttributes.Remove("frame");
sanitizer.AllowedAttributes.Remove("headers");
sanitizer.AllowedAttributes.Remove("high");
sanitizer.AllowedAttributes.Remove("hreflang");
sanitizer.AllowedAttributes.Remove("hspace");
sanitizer.AllowedAttributes.Remove("ismap");
sanitizer.AllowedAttributes.Remove("keytype");
sanitizer.AllowedAttributes.Remove("list");
sanitizer.AllowedAttributes.Remove("longdesc");
sanitizer.AllowedAttributes.Remove("low");
sanitizer.AllowedAttributes.Remove("max");
sanitizer.AllowedAttributes.Remove("maxlength");
sanitizer.AllowedAttributes.Remove("method");
sanitizer.AllowedAttributes.Remove("min");
sanitizer.AllowedAttributes.Remove("multiple");
sanitizer.AllowedAttributes.Remove("nohref");
sanitizer.AllowedAttributes.Remove("noshade");
sanitizer.AllowedAttributes.Remove("novalidate");
sanitizer.AllowedAttributes.Remove("open");
sanitizer.AllowedAttributes.Remove("optimum");
sanitizer.AllowedAttributes.Remove("pattern");
sanitizer.AllowedAttributes.Remove("placeholder");
sanitizer.AllowedAttributes.Remove("radiogroup");
sanitizer.AllowedAttributes.Remove("readonly");
sanitizer.AllowedAttributes.Remove("required");
sanitizer.AllowedAttributes.Remove("rev");
sanitizer.AllowedAttributes.Remove("rules");
sanitizer.AllowedAttributes.Remove("selected");
sanitizer.AllowedAttributes.Remove("shape");
sanitizer.AllowedAttributes.Remove("usemap");
return sanitizer;
}
}
/// <summary>
/// Sanitizes html input.
/// </summary>
/// <param name="html"></param>
/// <returns>The sanitized html.</returns>
public static string SanitizeHtml(string html)
{
return HtmlSanitizer.Sanitize(html);
}
}
I think what @tiesont meant was what does the code look like that calls HtmlHelper.SanitizeHtml()
?
Example:
ApprovalForm requestFormPart = new ApprovalForm
{
Admins = new UserPickerField { UserIds = request.Admins },
Description = new HtmlField { Html = HtmlHelper.SanitizeHtml(request.Description) },
Approvers = new UserPickerField { UserIds = request.Approvers },
FormId = new TextField { Text = formId }
};
Could you create a console app using the same .NET version and HtmlSanitizer NuGet package version and create a minimal example that shows the issue? Or possibly change the fiddle that @tiesont posted so that the issue shows?
I created a console app and can't repro it either. I will try to reproduce the issue and get the html that triggers the error and update the fiddle.
I just tried to reproduce the original error and couldn't. Please close the issue and if we have another situation we will contact you.
Thanks for the support. Have a nice weekend.
Hi,
We have the following code:
public class HtmlHelper { private static HtmlSanitizer HtmlSanitizer { get { HtmlSanitizer sanitizer = new();
}
that is throwing a NullReferenceException in the line "return HtmlSanitizer.Sanitize(html)".
The html that is causing this error is the following:
Can you please release a new version that fixes this error?
Thanks