Update AntiXSS Protection

2012-08-25 12:26:54 -04:00 · 2012-08-25 12:26:54 -04:00 · 3e5581611c
commit 3e5581611c
parent 27fab29a16
63 changed files with 636 additions and 183 deletions
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPSForPC/RemoteDesktop/Connect.aspx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPSForPC/RemoteDesktop/Connect.aspx.cs
@ -1,4 +1,4 @@
-// Copyright (c) 2012, Outercurve Foundation.
+// Copyright (c) 2012, Outercurve Foundation.
 // All rights reserved.
 //
 // Redistribution and use in source and binary forms, with or without modification,
@ -29,7 +29,6 @@
 using System;
 using WebsitePanel.Providers.Virtualization;
 using WebsitePanel.EnterpriseServer;
-using Microsoft.Security.Application;

 namespace WebsitePanel.Portal.VPSForPC.RemoteDesktop
 {
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPSForPC/VdcCreateServer.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPSForPC/VdcCreateServer.ascx.cs
@ -35,7 +35,6 @@ using WebsitePanel.EnterpriseServer;
 using WebsitePanel.Providers.Virtualization;
 using WebsitePanel.Providers.Common;
 using WebsitePanel.Providers.ResultObjects;
-using Microsoft.Security.Application;
 using System.Resources;

 namespace WebsitePanel.Portal.VPSForPC
@ -264,17 +263,17 @@ namespace WebsitePanel.Portal.VPSForPC
 		{
 			// general
 			litHostname.Text = txtVmName.Text.Trim();
-			//            litHostname.Text =  Microsoft.Security.Application.Encoder.HtmlEncode(String.Format("{0}.{1}", txtHostname.Text.Trim(), txtDomain.Text.Trim()));
+			//            litHostname.Text =  PortalAntiXSS.Decode(String.Format("{0}.{1}", txtHostname.Text.Trim(), txtDomain.Text.Trim()));
 			litOperatingSystem.Text = listOperatingSystems.SelectedItem.Text;

-			litSummaryEmail.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtSummaryEmail.Text.Trim());
+			litSummaryEmail.Text = PortalAntiXSS.Encode(txtSummaryEmail.Text.Trim());
 			SummSummaryEmailRow.Visible = chkSendSummary.Checked;

 			// config
-			litCpu.Text = Microsoft.Security.Application.Encoder.HtmlEncode(ddlCpu.SelectedValue);
-			litRam.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtRam.Text.Trim());
-			litHdd.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtHdd.Text.Trim());
-			//litSnapshots.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtSnapshots.Text.Trim());
+            litCpu.Text = PortalAntiXSS.Encode(ddlCpu.SelectedValue);
+            litRam.Text = PortalAntiXSS.Encode(txtRam.Text.Trim());
+            litHdd.Text = PortalAntiXSS.Encode(txtHdd.Text.Trim());
+			//litSnapshots.Text = PortalAntiXSS.Decode(txtSnapshots.Text.Trim());
 			//optionDvdInstalled.Value = chkDvdInstalled.Checked;
 			//optionBootFromCd.Value = chkBootFromCd.Checked;
 			//optionNumLock.Value = chkNumLock.Checked;