ASPxHtmlEditorUriValidationContext Class
Identifies the context of an URL validation request in a ASPxHtmlEditor component.
Namespace: DevExpress.Web.ASPxHtmlEditor
Assembly: DevExpress.Web.ASPxHtmlEditor.v25.2.dll
NuGet Package: DevExpress.Web
Declaration
Remarks
The ASPxHtmlEditor component and its MVC, Bootstrap, and Core counterparts validate URL schemes to prevent potential threats.
To override URL validation behavior, handle the UriValidated event. In the event handler, an ASPxHtmlEditorUriValidationContext instance identifies the ASPxHtmlEditor component initiated the URL validation (using the Editor property). Note that Editor property value can be null in the following cases:
- You import documents that contain external images.
- You insert images via the UI, clipboard, or API.
The following code snippet enables requests to internal network resources in the specified DevExpress.Web.ASPxHtmlEditor component:
using System;
using DevExpress.Security.Resources;
using DevExpress.Web.ASPxHtmlEditor;
protected void Application_Start(object sender, EventArgs e) {
AccessSettings.UriValidated += OnUriValidated;
}
void OnUriValidated(object sender, UriValidatedEventArgs e) {
// Checks if a validation request comes from ASPxHtmlEditor
if(e.ValidationContext is ASPxHtmlEditorUriValidationContext htmlEditorContext) {
var editor = htmlEditorContext.Editor;
if(editor != null && editor.ID == "MyHtmlEditor" && e.Uri != null) {
// Specifies allowed hosts
if(e.Uri.IdnHost.Equals("localhost", StringComparison.OrdinalIgnoreCase)) {
e.Valid = true;
}
}
}
}
Refer to the following help topic for additional information: Safe URL Validation.