Dela via


Making HTML safer: details for toStaticHTML (HTML)

[ This article is for Windows 8.x and Windows Phone 8.x developers writing Windows Runtime apps. If you’re developing for Windows 10, see the latest documentation ]

As described in HTML, CSS, and JavaScript features and differences, HTML you inject into a page in your app's local context is filtered by the toStaticHTML method.

This security restriction affects these properties and methods:

The next sections describe which content is considered safe, and which is not.

(For info about how to work around HTML that doesn't make it through this filtering process, see HTML, CSS, and JavaScript features and differences.)

Elements

This list describes whether an element is considered safe. The system throws an exception when it finds an unsafe element.

Element Allowed
Unknown tag No
XML tag No
<!-- --> No
a Yes
abbr Yes
acronym Yes
address Yes
altGlyph Yes
altGlyphDef Yes
altGlyphItem Yes
applet No
area Yes
article Yes
aside Yes
audio Yes
b Yes
base No
bdi Yes
bdo Yes
bgsound Yes
big Yes
blink No
blockquote Yes
body Yes
br Yes
button Yes
canvas Yes
caption Yes
center Yes
circle Yes
cite Yes
clipPath Yes
code Yes
col Yes
colGroup Yes
color-profile Yes
command* Yes
comment No
cursor Yes
datalist Yes
dd Yes
defs Yes
del Yes
desc Yes
details Yes
dfn Yes
dir Yes
div Yes
dl Yes
dt Yes
ellipse Yes
em Yes
embed No
EVENT No
feBlend Yes
feColorMatrix Yes
feComponentTransfer Yes
feComposite Yes
feConvolveMatrix Yes
feDiffuseLighting Yes
feDisplacementMap Yes
feDistantLight Yes
feFlood Yes
feFuncA Yes
feFuncB Yes
feFuncG Yes
feFuncG Yes
feFuncR Yes
feGaussianBlur Yes
feImage Yes
feMerge Yes
feMergeNode Yes
feMorphology Yes
feOffset Yes
fePointLight Yes
feSpecularLighting Yes
feSpotlight Yes
feTile Yes
feTurbulence Yes
fieldset Yes
figcaption Yes
figure Yes
filter Yes
font-face Yes
font-face-format Yes
font-face-name Yes
font-face-src Yes
font-face-uri Yes
font Yes
footer Yes
form Yes
frame No
frameset No
g Yes
glyph Yes
glyphRef Yes
h1 Yes
h2 Yes
h3 Yes
h4 Yes
h5 Yes
h6 Yes
head Yes
header Yes
hgroup Yes
hkern Yes
hr Yes
html Yes
i Yes
iframe No
image Yes
img Yes
input Yes
ins Yes
isindex No
kbd No
keygen* Yes
label Yes
layer No
legend Yes
li Yes
line Yes
linearGradient Yes
link No
listing Yes
map Yes
mark Yes
marquee Yes
mask Yes
menu Yes
meta No
metadata Yes
meter Yes
missing-glyph Yes
mpath Yes
multicol No
nav Yes
nextid Yes
nobr Yes
noframes Yes
noscript No
object No
ol Yes
optGroup Yes
option Yes
output Yes
p Yes
param No
path Yes
pattern Yes
plaintext Yes
polygon Yes
polyline Yes
pre Yes
progress Yes
q Yes
radialGradient Yes
rb No
rect Yes
rp No
rt Yes
ruby Yes
s Yes
samp Yes
script No
section Yes
select Yes
small Yes
source* Yes
spacer No
span Yes
stop Yes
strike Yes
strong Yes
style Yes
sub Yes
summary Yes
sup Yes
svg Yes
switch Yes
symbol Yes
table

Yes

tBody Yes
td Yes
text Yes
textArea Yes
textPath Yes
tfoot Yes
th Yes
thead Yes
time Yes
title Yes
tr Yes
track* Yes
tref Yes
tspan Yes
tt Yes
u Yes
ul Yes
var No
video Yes
view Yes
vkern Yes
wbr Yes
XML No
XMP Yes

 

The meta element

Whether meta element is safe depends on what attributes and values it has. For example, some attributes can be used to redirect from the current page, but other attributes and values can do helpful things such as specifying the character set for a page.

For this reason, when the system finds a meta element, it processes the element and reads its attributes and values, then outputs a safe version of the meta tag. Regardless of where they were specified in the input HTML, the processed meta tags always appear as the first children of the head element.

Attributes

The next list describes whether an attribute is considered safe. The system throws an exception when it finds an unsafe attribute.

Attribute Related Elements Allowed

Unknown attributes

No

Attributes not legal in the tag

No

abbr

td, th

Yes

a-charset

form

No

a

form, input

No

accessKey

This attribute is allowed for all elements. Yes

action

form

No

aggregator

td, th

No

align

caption

Yes

align

applet, iframe, img, input, object

Yes

align

legend

Yes

align

table

Yes

align

hr

Yes

align

div, h1, h2, h3, h4, h5, h6, p

Yes

align

col, colgroup, tbody, td, tfoot, th, thead, tr

Yes

alt

applet

Yes

alt

area, img

Yes

alt

input

Yes

archive

object

No
aria-* aria attributes are allowed on all elements. Yes

async

Yes

audio

Yes
autocomplete Yes

autofocus

Yes

autoplay

Yes

autostart

embed

No

axis

td, th

No

background

body

Yes

background

TABLE Yes

background

td, TH Yes

behavior

MARQUEE

Yes

BGCOLOR

TABLE

Yes

BGCOLOR

TR

Yes

BGCOLOR

td, th

Yes

BGCOLOR

body

Yes

BGCOLOR

marquee

Yes

bgProperties

body

Yes

border

TABLE

Yes

border

frameset, iframe,

No

border

img, object

Yes

borderColor

frameset, table, td, th, tr

Yes

borderColorDark

table, td, th, tr

Yes

bordercolorlight

table, td, th, tr

Yes

cellPadding

TABLE

Yes

cellSpacing

TABLE

Yes
challenge Yes

char

col, colgroup, tbody, td, tfoot, th, thead, tr

Yes

charoff

col, colgroup, tbody, td, tfoot, th, thead, tr

Yes

charset

a

Yes

charset

link, script

No

charset

meta

Yes

checked

input

Yes

cite

blockquote, q

Yes

cite

del, ins

Yes

class

all elements  but base, head, html, meta, param, script, style, title

Yes

classid

object

No

clear

BR

Yes

code

applet

No

codebase

object

No

codebase

applet

No

codetype

object

No

color

basefont, font

Yes

color

hr

Yes

colfield

td, th

No

cols

FRAMESET

No

cols

TEXTAREA

No

colSpan

td, th

Yes

compact

DIR, dl, menu, ol, ul Yes

content

META

No

coords

area

Yes
contenteditable This attribute is allowed for all elements. Yes
contextmenu This attribute is allowed for all elements.

controls

IMG

No

coords

A

Yes

crosstab

TABLE

No

crosstabgrand

TABLE

No

data

object

No
data-win-bind This attribute is allowed for all elements. Yes
data-win-control This attribute is allowed for all elements. Yes
data-win-fragmentload This attribute is allowed for all elements. Yes
data-win-fragmentload This attribute is allowed for all elements. Yes
data-win-options This attribute is allowed for all elements. Yes
data-win-res This attribute is allowed for all elements. Yes
data-win-resid This attribute is allowed for all elements. Yes

datafield

td, th

No

dataFld

DIV

No

dataFormatAs

DIV

No

dataSrc

div, param

Yes

datetime

del, ins

Yes

declare

object

No

defer

SCRIPT

No
default Yes

dir

This attribute is allowed for all elements.

Yes

direction

MARQUEE

Yes
dirname Yes

disableddisabled

button, input, optgroup, option, select, textarea

Yes

disposition

LINK

No
draggable This attribute is allowed on all elements. Yes
dropzone This attribute is allowed on all elements. Yes

dynsrc

IMG

Yes

enctype

form

No

face

basefont, font

Yes

filter

td, th, tr

No

for

LABEL

No
form Yes
formaction Yes
formenctype Yes
formmethod Yes
formnovalidate Yes
formtarget Yes

formula

TD

No

frame

TABLE

No

frameBorder

frame, iframe

No

frameSpacing

frame, frameset, iframe

No

gutter

MULTICOL

No

headers

td, th

Yes

height

IFRAME

No

height

marquee

Yes

height

td, th, TR Yes

height

img, object, input Yes

height

applet

No

height

table

Yes
hidden This attribute is allowed on all elements. Yes
high Yes

href

a, area, link

Yes

href

base

Yes

hreflang

a, link

Yes

hspace

applet, img, object

Yes

hspace

marquee

Yes

http-Equiv

META

No

id

This attribute is allowed on all elements.

Yes
icon Yes

if

Not in W3C but supported in MSO

No

ifapp

Not in W3C but supported in MSO

No

ismap

img, input

No
keytype Yes
kind Yes

label

OPTION

Yes

label

OPTGROUP

Yes

lang

This attribute is allowed on all elements.

Yes

language

SCRIPT

No

left

LAYER

No

leftmargin

body

Yes

link

body

Yes

longdesc

IMG

Yes

longdesc

frame, iframe

No

loop

BGSOUND, embed, img, MARQUEE

Yes
low Yes

lowsrc

IMG

Yes
manifest Yes

marginHeight

frame, iframe

No

marginWidth

frame, iframe

No
max Yes

maxLength

input

No

media

STYLE

No

media

LINK

No

method

form

No

methods

a, link

No
min Yes
msallowcapture This attribute is allowed on all elements.

msallowclip

This attribute is allowed on all elements.

Yes
mstagchanged

img

Yes

multiple

SELECT

Yes

name

All elements

No

noHref

AREA

No
novalidate Yes

noResize

FRAME

No

noShade

HR

Yes

noWrap

td, th

Yes

ns

Not in W3C but supported in MSO

No

object

applet

No
on* on* attributes (such as onabort) are not allowed on any element. No
open Yes
optimum Yes

pagefield

td, th

No
pattern Yes
placeholder Yes
poster Yes

prefix

Not in W3C but supported in MSO

No
preload Yes

profile

HEAD

No

prompt

ISINDEX

No
pubdate Yes
radiogroup Yes

readonly

TEXTAREA

Yes

readonly

input

Yes

rel

a, link

Yes
required Yes

rev

a, link

Yes
reversed Yes
role This attribute is allowed on all elements. Yes

rowfield

td, th

No

rows

FRAMESET

No

rows

textarea

Yes

rowSpan

td, th

Yes

rules

TABLE

Yes
sandbox Yes
scheme

META

Yes

scope

td, th

Yes
scoped Yes

scrollamount

MARQUEE

Yes

scrolldelay

MARQUEE

Yes

scrolling

frame, iframe

No
seamless Yes
security

iframe

Yes

selected

option

Yes

shape

AREA

Yes

shape

A

Yes

shapes

BGSOUND, img, input, MARQUEE, object, select, textarea

No

size

HR

No

size

FONT

Yes

size

input

Yes

size

BASEFONT

Yes

size

SELECT

Yes

sizes

Yes

span

COL

Yes

span

COLGROUP

Yes
spellcheck This attribute is allowed on all elements. Yes

src

SCRIPT

No

src

input

Yes

src

frame, iframe

No

src

IMG

Yes

src

bgsound

Yes
srcdoc Yes
srclang Yes

standby

object

No

start

OL

Yes
start

img

Yes
step Yes

style

This attribute is allowed on all elements.

Yes

summary

table

Yes

subtotal

td, th

No

tabIndex

a, area, button, input, select, textarea

Yes

tabIndex

object

No

tabIndex

This attribute is allowed on all elements.

Yes

target

a, area, base, form, link

No

text

body

Yes

title

This attribute is allowed on all elements.

Yes

top

LAYER

No

topmargin

body

Yes

type

a, link

Yes

type

object

Yes

type

PARAM

Yes

type

SCRIPT

Yes

type

STYLE

Yes

type

input

No

type

li

Yes

type

OL

Yes

type

UL

Yes

type

BUTTON

No

usemap

img, input, object

Yes

vAlign

col, colgroup, tbody, td, tfoot, th, thead, tr

Yes

vAlign [c41]

caption

Yes

value

input

Yes

value

OPTION

Yes

value

PARAM

No

value

button

Yes

value

LI

Yes

valuetype

PARAM

No

version

html

Yes

vLink

body

Yes

volume

embed

No

vspace

applet, img, object

Yes

vspace [c44]

marquee

Yes
webpartid [c45]

div

Yes

wide

Not in W3C but supported in MSO

No

width

HR

Y

width

IFRAME

Yes

width

img, object, input Yes

width

marquee

Yes

width

table

Yes

width

td, th

Yes

width

applet

No

width

col

Yes

width

colgroup

Yes

width

pre

Yes

wrap

TEXTAREA

Yes
x-ms-flow Yes

 

CSS pseudo-classes, pseudo-elements, and rules

This list describes whether a pseudo-class, pseudo-element, or rule is considered safe. The system throws an exception when it finds an unsafe item.

pseudo-class, pseudo-element, or rule Allowed
Unknown pseudo-classes, pseudo-elements and rules No
!important Yes
:active Yes
:first-letter Yes
:first-line Yes
:hover Yes
:link Yes
:visited Yes
@charset No
@font-face No
@import No
@media Yes
@page Yes

 

CSS properties

The next list describes whether a CSS property is considered safe. The system throws an exception when it finds an unsafe property.

Property Allowed
Unknown properties No
CSS comments (/* comment */) No
-ms-animation Yes
-ms-animation-delay Yes
-ms-animation-direction Yes
-ms-animation-duration Yes
-ms-animation-iteration-count Yes
-ms-animation-name Yes
-ms-animation-play-state Yes
-ms-animation-timing-function Yes
-ms-backface-visibility Yes
-ms-behavior Yes
-ms-box Yes
-ms-box-align Yes
-ms-content-zoom-chaining Yes
-ms-content-zoom-max Yes
-ms-content-zoom-max-style Yes
-ms-content-zoom-min-style Yes
-ms-content-zoom-snap-interval Yes
-ms-content-zoom-snap-start Yes
-ms-content-zoom-snap-style Yes
-ms-content-zoom-snap-type Yes
-ms-content-zooming Yes
-ms-grid Yes
-ms-grid-cell Yes
-ms-grid-column Yes
-ms-grid-column-align Yes
-ms-grid-column-span Yes
-ms-grid-columns Yes
-ms-grid-row Yes
-ms-grid-row-align Yes
-ms-grid-row-span Yes
-ms-perspective Yes
-ms-perspective-origin Yes
-ms-scroll-chaining Yes
-ms-scroll-rails Yes
-ms-scroll-snap-points-x Yes
-ms-scroll-snap-points-y Yes
-ms-scroll-snap-style Yes
-ms-scroll-snap-type Yes
-ms-scroll-snap-x Yes
-ms-scroll-snap-x-interval Yes
-ms-scroll-snap-x-start Yes
-ms-scroll-snap-y Yes
-ms-scroll-snap-y-interval Yes
-ms-scroll-snap-y-start Yes
-ms-scrollbar-3d-light-color Yes
-ms-scrollbar-dark-shadow-color Yes
-ms-transform Yes
-ms-transform-origin Yes
-ms-transform-style Yes
-ms-transition Yes
-ms-transition-delay Yes
-ms-transition-duration Yes
-ms-transition-property Yes
-ms-transition-timing-function Yes
accelerator Yes
alignment-baseline Yes
azimuth Yes
background Yes
background-attachment Yes
background-clip Yes
background-color Yes
background-image Yes
background-origin Yes
background-position Yes
background-position-x Yes
background-position-y Yes
background-repeat Yes
background-size Yes
baseline-shift Yes
behavior Yes
block-direction Yes
border Yes
border-bottom Yes
border-bottom-color Yes
border-bottom-left-radius Yes
border-bottom-right-radius Yes
border-bottom-style Yes
border-bottom-width Yes
border-collapse Yes
border-color Yes
border-left Yes
border-left-color Yes
border-left-style Yes
border-left-width Yes
border-radius Yes
border-right Yes
border-right-color Yes
border-right-style Yes
border-right-width Yes
border-spacing Yes
border-style Yes
border-top Yes
border-top-color Yes
border-top-left-radius Yes
border-top-right-radius Yes
border-top-style Yes
border-top-width Yes
border-width Yes
bottom Yes
box-shadow Yes
break-after Yes
break-before Yes
break-inside Yes
caption-side Yes
clear Yes
clip Yes
clip-bottom Yes
clip-left Yes
clip-path Yes
clip-right Yes
clip-rule Yes
Yes
color Yes
color-interpolation-filters Yes
column-count Yes
column-fill Yes
column-gap Yes
column-rule Yes
column-rule-color Yes
column-rule-style Yes
column-rule-width Yes
column-span Yes
column-width Yes
columns Yes
content Yes
counter-increment Yes
counter-reset Yes
css-float Yes
cue Yes
cue-after Yes
cue-before Yes
cursor Yes
direction Yes
display Yes
dominant-baseline Yes
elevation Yes
empty-cells Yes
fill Yes
fill-opacity Yes
fill-rule Yes
filter Yes
float Yes
flood-color Yes
flood-opacity Yes
font Yes
font-color Yes
font-emphasize Yes
font-emphasize-position Yes
font-emphasize-style Yes
font-family Yes
font-size Yes
font-size-adjust Yes
font-stretch Yes
font-style Yes
font-variant Yes
font-weight Yes
glyph-orientation-horizontal Yes
glyphorientation-vertical Yes
has-layout Yes
height Yes
horiz-align Yes
ime-mode Yes
kerning Yes
language Yes
layout-flow Yes
layout-grid Yes
layout-grid-char Yes
layout-grid-line Yes
layout-grid-mode Yes
layout-grid-type Yes
left Yes
letter-spacing Yes
line-break Yes
line-height Yes
list-image-1 Yes
list-image-2 Yes
list-image-3 Yes
list-style Yes
list-style-image Yes
list-style-position Yes
list-style-type Yes
margin Yes
margin-bottom Yes
margin-left Yes
margin-right Yes
margin-top Yes
marker Yes
marker-end Yes
marker-mid Yes
marker-offset Yes
marker-start Yes
marks Yes
masks Yes
max-width Yes
min-height Yes
min-width Yes
mso-………. No
nav-banner-image Yes
navbutton_background_color Yes
navbutton_home_hovered Yes
navbutton_home_normal Yes
navbutton_home_pushed Yes
navbutton_horiz_hovered Yes
navbutton_horiz_normal Yes
navbutton_horiz_pushed Yes
navbutton_next_hovered Yes
navbutton_next_normal Yes
navbutton_next_pushed Yes
navbutton_prev_hovered Yes
navbutton_prev_normal Yes
navbutton_prev_pushed Yes
navbutton_up_hovered Yes
navbutton_up_normal Yes
navbutton_up_pushed Yes
navbutton_vert_hovered Yes
navbutton_vert_normal Yes
navbutton_vert_pushed Yes
opacity Yes
orphans Yes
outline-color Yes
outline-style Yes
outline-width Yes
overflow Yes
overflow-x Yes
overflow-y Yes
padding Yes
padding-bottom Yes
padding-left Yes
padding-right Yes
padding-top Yes
page Yes
page-break-after Yes
page-break-before Yes
page-break-inside Yes
panose-1 Yes
pause Yes
pause-after Yes
pause-before Yes
pitch Yes
pitch-range Yes
pixel-bottom Yes
pixel-height Yes
pixel-left Yes
pixel-right Yes
pixel-top Yes
pixel-width Yes
play-during Yes
pointer-events Yes
pos-bottom Yes
pos-height Yes
pos-left Yes
pos-right Yes
pos-top Yes
pos-width Yes
position Yes
punctuation-trim Yes
punctuation-wrap Yes
quotes Yes
richness Yes
right Yes
row-span Yes
ruby-align Yes
ruby-overhang Yes
ruby-position Yes
scrollbar-3dlight-color Yes
scrollbar-arrow-color Yes
scrollbar-base-color Yes
scrollbar-dark-shadow-color Yes
scrollbar-face-color Yes
scrollbar-highlight-color Yes
scrollbar-shadow-color Yes
scrollbar-track-color Yes
separator-image Yes
size Yes
speak Yes
speak-header Yes
speak-numeral Yes
speak-punctuation Yes
speech-rate Yes
src Yes
stop-color Yes
stop-opacity Yes
stress Yes
stroke yes
stroke-dasharray Yes
stroke-dashoffset Yes
stroke-linecap Yes
stroke-linejoin Yes
stroke-miterlimit Yes
stroke-opacity Yes
stroke-width Yes
style-float Yes
tab-interval Yes
table-border-color-dark Yes
table-border-color-light Yes
table-layout Yes
tab-stops Yes
text-anchor Yes
text-align Yes
text-align-last Yes
text-autospace Yes
text-combine Yes
text-decoration Yes
text-decoration-blink Yes
text-decoration-line-through Yes
text-decoration-none Yes
text-decoration-overline Yes
text-decoration-underline Yes
text-effect Yes
text-fit Yes
text-indent Yes
text-justify Yes
text-justify-trim Yes
text-kashida Yes
text-kashida-space Yes
text-line-through Yes
text-overflow Yes
text-shadow Yes
text-transform Yes
text-underline Yes
text-underline-color Yes
text-underline-position Yes
text-underline-style Yes
top Yes
top-bar-button Yes
unicode-bidi Yes
version Yes
vert-align Yes
vertical-align Yes
visibility Yes
voice-family Yes
volume Yes
white-space Yes
width Yes
windows Yes
word-break Yes
word-spacing Yes
word-wrap Yes
writing-mode Yes
z-index Yes
zoom Yes

 

Smart tags

toStaticHTML removes all smart tags and related attributes.

URIs and Schemes

toStaticHTML blocks these schemes and removes them from HTML it processes:

  • about:
  • cdl:
  • data:
  • dvd:
  • file:
  • its:
  • javascript:
  • local:
  • mhtml:
  • mk:
  • ms-help:
  • ms-its:
  • res:
  • tv:
  • vbscript:

URIs must be well-formed. toStaticHTML blocks malformed URIs and removes them from HTML it processes.