Commit after pull/merge

WebsitePanel/Sources/WebsitePanel.WebPortal/Default.aspx.cs

@@ -387,7 +387,7 @@ namespace WebsitePanel.WebPortal
         {
             Label lbl = new Label();
             lbl.Text =
-                AntiXss.HtmlEncode("<div style=\"height:300px;overflow:auto;\">" + message.Replace("\n", "<br>") +
+                Microsoft.Security.Application.Encoder.HtmlEncode("<div style=\"height:300px;overflow:auto;\">" + message.Replace("\n", "<br>") +
                                    "</div>");
             lbl.ForeColor = Color.Red;
             lbl.Font.Bold = true;

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/DiskspaceReportPackageDetails.ascx.cs

@@ -94,7 +94,7 @@ namespace WebsitePanel.Portal
                 i++;
             }
 
-            litTotal.Text = AntiXss.HtmlEncode(DiskspaceTotal.ToString());
+            litTotal.Text = Microsoft.Security.Application.Encoder.HtmlEncode(DiskspaceTotal.ToString());
 
             // get summary
             gvSummary.DataSource = ds;

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangeContactGeneralSettings.ascx.cs

@@ -64,7 +64,7 @@ namespace WebsitePanel.Portal.ExchangeServer
                 ExchangeContact contact = ES.Services.ExchangeServer.GetContactGeneralSettings(PanelRequest.ItemID,
                     PanelRequest.AccountID);
 
-                litDisplayName.Text = AntiXss.HtmlEncode(contact.DisplayName);
+                litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(contact.DisplayName);
 
                 // bind form
                 txtDisplayName.Text = contact.DisplayName;
@@ -146,7 +146,7 @@ namespace WebsitePanel.Portal.ExchangeServer
                     return;
                 }
 
-                litDisplayName.Text = AntiXss.HtmlEncode(txtDisplayName.Text);
+                litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtDisplayName.Text);
 
                 messageBox.ShowSuccessMessage("EXCHANGE_UPDATE_CONTACT_SETTINGS");
             }

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangeDistributionListGeneralSettings.ascx.cs

@@ -105,7 +105,7 @@ namespace WebsitePanel.Portal.ExchangeServer
                     return;
                 }
 
-                litDisplayName.Text = AntiXss.HtmlEncode(txtDisplayName.Text);
+                litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtDisplayName.Text);
 
                 messageBox.ShowSuccessMessage("EXCHANGE_UPDATE_DLIST_SETTINGS");
             }

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangePublicFolderGeneralSettings.ascx.cs

@@ -120,7 +120,7 @@ namespace WebsitePanel.Portal.ExchangeServer
                 string origName = litDisplayName.Text;
                 origName = origName.Substring(0, origName.LastIndexOf("\\"));
 
-                litDisplayName.Text = AntiXss.HtmlEncode(origName + txtName.Text);
+                litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(origName + txtName.Text);
 
 				BindSettings();
             }

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/OrganizationUserGeneralSettings.ascx.cs

@@ -70,7 +70,7 @@ namespace WebsitePanel.Portal.HostedSolution
                 OrganizationUser user = ES.Services.Organizations.GetUserGeneralSettings(PanelRequest.ItemID,
                     PanelRequest.AccountID);
 
-                litDisplayName.Text = AntiXss.HtmlEncode(user.DisplayName);
+                litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(user.DisplayName);
 
                 lblUserDomainName.Text = user.DomainUserName;
 

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/HostingAddonsEditAddon.ascx.cs

@@ -144,7 +144,7 @@ namespace WebsitePanel.Portal
                 try
                 {
                     PackageResult result = ES.Services.Packages.UpdateHostingPlan(plan);
-                    lblMessage.Text = AntiXss.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
+                    lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
                     if (result.Result < 0)
                     {
                         ShowResultMessage(result.Result);

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/HostingPlansEditPlan.ascx.cs

@@ -196,7 +196,7 @@ namespace WebsitePanel.Portal
                     if (result.Result < 0)
                     {
                         ShowResultMessage(result.Result);
-                        lblMessage.Text = AntiXss.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
+                        lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
                         return;
                     }
                 }

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/PeersEditPeer.ascx.cs

@@ -38,7 +38,7 @@ using System.Web.UI;
 using System.Web.UI.WebControls;
 using System.Web.UI.WebControls.WebParts;
 using System.Web.UI.HtmlControls;
-
+using Microsoft.Security.Application;
 using WebsitePanel.EnterpriseServer;
 
 namespace WebsitePanel.Portal

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SchedulesEditSchedule.ascx.cs

@@ -151,7 +151,7 @@ namespace WebsitePanel.Portal
 					// The view does not provide ability to set and get parameters.
 					return null;
 				}
-				view.ID = AntiXss.HtmlEncode(taskId);
+				view.ID = Microsoft.Security.Application.Encoder.HtmlEncode(taskId);
 				view.Visible = visible;
 				view.EnableTheming = true;
 				this.TaskParametersPlaceHolder.Controls.Add(view);

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceEditAddon.ascx.cs

@@ -137,7 +137,7 @@ namespace WebsitePanel.Portal
                     if (result.Result < 0)
                     {
                         ShowResultMessage(result.Result);
-                        lblMessage.Text = AntiXss.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
+                        lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
                         return;
                     }
                 }
@@ -156,7 +156,7 @@ namespace WebsitePanel.Portal
                     if (result.Result < 0)
                     {
                         ShowResultMessage(result.Result);
-                        lblMessage.Text = AntiXss.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
+                        lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
                         return;
                     }
                 }

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceEditDetails.ascx.cs

@@ -129,7 +129,7 @@ namespace WebsitePanel.Portal
                 if (result.Result < 0)
                 {
                     ShowResultMessage(result.Result);
-                    lblMessage.Text = AntiXss.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
+                    lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
                     return;
                 }
             }

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceNestedSpacesSummary.ascx.cs

@@ -60,7 +60,7 @@ namespace WebsitePanel.Portal
             DataSet dsSpaces = ES.Services.Packages.GetNestedPackagesSummary(PanelSecurity.PackageId);
 
             // all customers
-            lnkAllSpaces.Text = AntiXss.HtmlEncode(String.Format("All Spaces ({0})", dsSpaces.Tables[0].Rows[0]["PackagesNumber"]));
+            lnkAllSpaces.Text = Microsoft.Security.Application.Encoder.HtmlEncode(String.Format("All Spaces ({0})", dsSpaces.Tables[0].Rows[0]["PackagesNumber"]));
 
             // by status
             repSpaceStatuses.DataSource = dsSpaces.Tables[1];

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/AuditLogControl.ascx.cs

@@ -185,9 +185,9 @@ namespace WebsitePanel.Portal.UserControls
 					GetAuditLogSourceName((string)dr["SourceName"]));
                 // Task
 				sb.AppendFormat("\"{0}\",", 
-					AntiXss.HtmlEncode(GetAuditLogTaskName((string)dr["SourceName"], (string)dr["TaskName"])));
+					Microsoft.Security.Application.Encoder.HtmlEncode(GetAuditLogTaskName((string)dr["SourceName"], (string)dr["TaskName"])));
 				// Item-Name
-                sb.AppendFormat("\"{0}\",", AntiXss.HtmlEncode(dr["ItemName"].ToString()));
+                sb.AppendFormat("\"{0}\",", Microsoft.Security.Application.Encoder.HtmlEncode(dr["ItemName"].ToString()));
 				// Execution-Log
 				string executionLog = FormatPlainTextExecutionLog(
 					dr["ExecutionLog"].ToString(), DateTime.Parse(dr["StartDate"].ToString()));

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/Comments.ascx.cs

@@ -66,8 +66,8 @@ namespace WebsitePanel.Portal
             if (!String.IsNullOrEmpty(Comments))
             {
                 // escape symbols
-				imgView.AlternateText = Comments;// Comments.Replace("\n", "<br/>").Replace("\r", "");//.Replace(" ", "&nbsp;");
+                imgView.AlternateText = Server.HtmlDecode(Comments);// Comments.Replace("\n", "<br/>").Replace("\r", "");//.Replace(" ", "&nbsp;");
-				imgView.ToolTip = Comments;
+				imgView.ToolTip = Server.HtmlDecode(Comments);
                     //.Replace("\n", "<br/>");
             }
             else

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/MessageBox.ascx.cs

@@ -81,7 +81,7 @@ namespace WebsitePanel.Portal
                 try
                 {
                     // technical details
-                    litPageUrl.Text = AntiXss.HtmlEncode(Request.Url.ToString());
+                    litPageUrl.Text = Microsoft.Security.Application.Encoder.HtmlEncode(Request.Url.ToString());
                     litLoggedUser.Text = PanelSecurity.LoggedUser.Username;
                     litSelectedUser.Text = PanelSecurity.SelectedUser.Username;
                     litPackageName.Text = PanelSecurity.PackageId.ToString();

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/UsernameControl.ascx.cs

@@ -71,7 +71,7 @@ namespace WebsitePanel.Portal
         public string Text
         {
             get { return EditMode ? txtName.Text.Trim() : litPrefix.Text + txtName.Text.Trim() + litSuffix.Text; }
-            set { txtName.Text = value; lblName.Text = AntiXss.HtmlEncode(value); }
+            set { txtName.Text = value; lblName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(value); }
         }
 
         private UserInfo PolicyUser

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCreateSpace.ascx.cs

@@ -136,7 +136,7 @@ namespace WebsitePanel.Portal
                 if (result.Result < 0)
                 {
                     ShowResultMessage(result.Result);
-                    lblMessage.Text = AntiXss.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
+                    lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
                     return;
                 }
                 else

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCustomersSummary.ascx.cs

@@ -52,7 +52,7 @@ namespace WebsitePanel.Portal
             DataSet dsUsers = ES.Services.Users.GetUsersSummary(PanelSecurity.SelectedUserId);
 
             // all customers
-			lnkAllCustomers.Text = AntiXss.HtmlEncode(String.Format(GetLocalizedString("AllCustomers.Text"),
+			lnkAllCustomers.Text = Microsoft.Security.Application.Encoder.HtmlEncode(String.Format(GetLocalizedString("AllCustomers.Text"),
 				dsUsers.Tables[0].Rows[0]["UsersNumber"]));
 
             // by status

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPS/VdcCreateServer.ascx.cs

@@ -239,17 +239,17 @@ namespace WebsitePanel.Portal.VPS
         private void BindSummary()
         {
             // general
-            litHostname.Text =  AntiXss.HtmlEncode(String.Format("{0}.{1}", txtHostname.Text.Trim(), txtDomain.Text.Trim()));
+            litHostname.Text =  Microsoft.Security.Application.Encoder.HtmlEncode(String.Format("{0}.{1}", txtHostname.Text.Trim(), txtDomain.Text.Trim()));
             litOperatingSystem.Text = listOperatingSystems.SelectedItem.Text;
 
-            litSummaryEmail.Text = AntiXss.HtmlEncode(txtSummaryEmail.Text.Trim());
+            litSummaryEmail.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtSummaryEmail.Text.Trim());
             SummSummaryEmailRow.Visible = chkSendSummary.Checked;
 
             // config
-            litCpu.Text = AntiXss.HtmlEncode(ddlCpu.SelectedValue);
+            litCpu.Text = Microsoft.Security.Application.Encoder.HtmlEncode(ddlCpu.SelectedValue);
-            litRam.Text = AntiXss.HtmlEncode(txtRam.Text.Trim());
+            litRam.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtRam.Text.Trim());
-            litHdd.Text = AntiXss.HtmlEncode(txtHdd.Text.Trim());
+            litHdd.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtHdd.Text.Trim());
-            litSnapshots.Text = AntiXss.HtmlEncode(txtSnapshots.Text.Trim());
+            litSnapshots.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtSnapshots.Text.Trim());
             optionDvdInstalled.Value = chkDvdInstalled.Checked;
             optionBootFromCd.Value = chkBootFromCd.Checked;
             optionNumLock.Value = chkNumLock.Checked;
@@ -262,23 +262,23 @@ namespace WebsitePanel.Portal.VPS
             // external network
             optionExternalNetwork.Value = chkExternalNetworkEnabled.Checked;
             SummExternalAddressesNumberRow.Visible = radioExternalRandom.Checked && chkExternalNetworkEnabled.Checked;
-            litExternalAddressesNumber.Text = AntiXss.HtmlEncode(txtExternalAddressesNumber.Text.Trim());
+            litExternalAddressesNumber.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtExternalAddressesNumber.Text.Trim());
             SummExternalAddressesListRow.Visible = radioExternalSelected.Checked && chkExternalNetworkEnabled.Checked;
 
             List<string> ipAddresses = new List<string>();
             foreach (ListItem li in listExternalAddresses.Items)
                 if (li.Selected)
                     ipAddresses.Add(li.Text);
-            litExternalAddresses.Text = AntiXss.HtmlEncode(String.Join(", ", ipAddresses.ToArray()));
+            litExternalAddresses.Text = Microsoft.Security.Application.Encoder.HtmlEncode(String.Join(", ", ipAddresses.ToArray()));
 
             // private network
             optionPrivateNetwork.Value = chkPrivateNetworkEnabled.Checked;
             SummPrivateAddressesNumberRow.Visible = radioPrivateRandom.Checked && chkPrivateNetworkEnabled.Checked && (ViewState["DHCP"] == null);
-            litPrivateAddressesNumber.Text = AntiXss.HtmlEncode(txtPrivateAddressesNumber.Text.Trim());
+            litPrivateAddressesNumber.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtPrivateAddressesNumber.Text.Trim());
             SummPrivateAddressesListRow.Visible = radioPrivateSelected.Checked && chkPrivateNetworkEnabled.Checked && (ViewState["DHCP"] == null);
 
             string[] privIps = Utils.ParseDelimitedString(txtPrivateAddressesList.Text, '\n', '\r', ' ', '\t');
-            litPrivateAddressesList.Text = AntiXss.HtmlEncode(String.Join(", ", privIps));
+            litPrivateAddressesList.Text = Microsoft.Security.Application.Encoder.HtmlEncode(String.Join(", ", privIps));
         }
 
         protected void wizard_FinishButtonClick(object sender, WizardNavigationEventArgs e)

WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPSForPC/VdcCreateServer.ascx.cs

@@ -264,17 +264,17 @@ namespace WebsitePanel.Portal.VPSForPC
 		{
 			// general
 			litHostname.Text = txtVmName.Text.Trim();
-			//            litHostname.Text =  AntiXss.HtmlEncode(String.Format("{0}.{1}", txtHostname.Text.Trim(), txtDomain.Text.Trim()));
+			//            litHostname.Text =  Microsoft.Security.Application.Encoder.HtmlEncode(String.Format("{0}.{1}", txtHostname.Text.Trim(), txtDomain.Text.Trim()));
 			litOperatingSystem.Text = listOperatingSystems.SelectedItem.Text;
 
-			litSummaryEmail.Text = AntiXss.HtmlEncode(txtSummaryEmail.Text.Trim());
+			litSummaryEmail.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtSummaryEmail.Text.Trim());
 			SummSummaryEmailRow.Visible = chkSendSummary.Checked;
 
 			// config
-			litCpu.Text = AntiXss.HtmlEncode(ddlCpu.SelectedValue);
+			litCpu.Text = Microsoft.Security.Application.Encoder.HtmlEncode(ddlCpu.SelectedValue);
-			litRam.Text = AntiXss.HtmlEncode(txtRam.Text.Trim());
+			litRam.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtRam.Text.Trim());
-			litHdd.Text = AntiXss.HtmlEncode(txtHdd.Text.Trim());
+			litHdd.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtHdd.Text.Trim());
-			//litSnapshots.Text = AntiXss.HtmlEncode(txtSnapshots.Text.Trim());
+			//litSnapshots.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtSnapshots.Text.Trim());
 			//optionDvdInstalled.Value = chkDvdInstalled.Checked;
 			//optionBootFromCd.Value = chkBootFromCd.Checked;
 			//optionNumLock.Value = chkNumLock.Checked;

WebsitePanel/Sources/WebsitePanel.WebPortal/Web.config

@@ -6,7 +6,7 @@
 		<add key="ChartImageHandler" value="storage=file;timeout=20;" />
     <add key="SessionValidationKey" value="DAD46D476F85E0198BCA134D7AA5CC1D7" />
 	</appSettings>
-	<system.web>
+	<system.web>    
 		<!-- SiteMap settings -->
 		<siteMap defaultProvider="WebsitePanelSiteMapProvider" enabled="true">
 			<providers>
@@ -20,7 +20,7 @@
 			</controls>
 		</pages>
 		<!-- Maximum size of uploaded file, in MB -->
-		<httpRuntime executionTimeout="1800" requestValidationMode="2.0" maxRequestLength="16384" enableVersionHeader="false"/>
+		<httpRuntime executionTimeout="1800" requestValidationMode="2.0" maxRequestLength="16384" enableVersionHeader="false" encoderType="Microsoft.Security.Application.AntiXssEncoder, AntiXssLibrary" />
 		<!--
           ASMX is mapped to a new handler so that proxy javascripts can also be served.
     -->