Merge remote-tracking branch 'origin/6.2.0' into 7.0.1

Conflicts:
	src/Umbraco.Web.UI/umbraco/LiveEditing/Modules/SkinModule/ModuleInjector.aspx
	src/Umbraco.Web.UI/umbraco/Umbraco.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/LiveEditing/Modules/SkinModule/ImageUploader.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/dashboard.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/developer/Cache/viewCacheItem.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/developer/Macros/assemblyBrowser.aspx.cs

src/Umbraco.Core/StringExtensions.cs

@@ -63,6 +63,19 @@ namespace Umbraco.Core
             return mName;
         }
 
+        /// <summary>
+        /// Cleans string to aid in preventing xss attacks.
+        /// </summary>
+        /// <param name="input"></param>
+        /// <returns></returns>
+        internal static string CleanForXss(this string input)
+        {
+            //remove any html
+            input = input.StripHtml();
+            //strip out any potential chars involved with XSS
+            return input.ExceptChars(new HashSet<char>("*?(){}[];:%<>/\\|&'\"".ToCharArray()));
+        }
+
         public static string ExceptChars(this string str, HashSet<char> toExclude)
         {
             var sb = new StringBuilder(str.Length);