HttpServerUtility.HtmlEncode Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Encodes a string to be displayed in a browser.
To encode or decode values outside of a web application, use the WebUtility class.
Overloads
| HtmlEncode(String) |
HTML-encodes a string and returns the encoded string. |
| HtmlEncode(String, TextWriter) |
HTML-encodes a string and sends the resulting output to a TextWriter output stream. |
HtmlEncode(String)
HTML-encodes a string and returns the encoded string.
public:
System::String ^ HtmlEncode(System::String ^ s);public string HtmlEncode (string s);member this.HtmlEncode : string -> stringPublic Function HtmlEncode (s As String) As StringParameters
- s
- String
The text string to encode.
Returns
The HTML-encoded text.
Examples
The following example shows how to HTML-encode a value that potentially codes unsafe code. The code resides in the code-behind file for a web page. The value to encode is hard-coded in this example only to simplify the example and show the type of value you might HTML-encode. Typically, you would HTML-encode a value that you received from the user or the request. Result refers to a Literal control.
public partial class _Default : Page
{
protected void Page_Load(object sender, EventArgs e)
{
Result.Text = Server.HtmlEncode("<script>unsafe</script>");
}
}
Public Class _Default
Inherits Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
Result.Text = Server.HtmlEncode("<script>unsafe</script>")
End Sub
End Class
The next example is similar to the previous example except it shows how to HTML-encode a value from within a class that is not in the code-behind file.
public class SampleClass
{
public string GetEncodedText()
{
return HttpContext.Current.Server.HtmlEncode("<script>unsafe</script>");
}
}
Public Class SampleClass
Public Function GetEncodedText() As String
Return HttpContext.Current.Server.HtmlEncode("<script>unsafe</script>")
End Function
End Class
Remarks
HTML encoding makes sure that text is displayed correctly in the browser and not interpreted by the browser as HTML. For example, if a text string contains a less than sign (<) or greater than sign (>), the browser would interpret these characters as the opening or closing bracket of an HTML tag. When the characters are HTML encoded, they are converted to the strings < and >, which causes the browser to display the less than sign and greater than sign correctly.
This method is a convenient way to access the HttpUtility.HtmlEncode method at run time from an ASP.NET application. Internally, this method uses HttpUtility.HtmlEncode to encode strings.
In the code-behind file for an ASP.NET web page, access an instance of the HttpServerUtility class through the Server property. In a class that is not in a code-behind file, use HttpContext.Current.Server to access an instance of the HttpServerUtility class.
Outside of a web application, use the WebUtility class to encode or decode values.
Applies to
HtmlEncode(String, TextWriter)
HTML-encodes a string and sends the resulting output to a TextWriter output stream.
public:
void HtmlEncode(System::String ^ s, System::IO::TextWriter ^ output);public void HtmlEncode (string s, System.IO.TextWriter output);member this.HtmlEncode : string * System.IO.TextWriter -> unitPublic Sub HtmlEncode (s As String, output As TextWriter)Parameters
- s
- String
The string to encode.
- output
- TextWriter
The TextWriter output stream that contains the encoded string.
Examples
The following example encodes a string for transmission by HTTP. It encodes the string named TestString, which contains the text "This is a <Test String>.", and copies it into the string named EncodedString as "This is a <Test String>.".
String TestString = "This is a <Test String>.";
StringWriter writer = new StringWriter();
Server.HtmlEncode(TestString, writer);
String EncodedString = writer.ToString();
Dim TestString As String = "This is a <Test String>."
Dim writer As New StringWriter
Server.HtmlEncode(TestString, writer)
Dim EncodedString As String = writer.ToString()
Remarks
HTML encoding ensures that text will be correctly displayed in the browser, not interpreted by the browser as HTML. For example, if a text string contains a less than sign (<) or greater than sign (>), the browser would interpret these characters as an opening or closing bracket of an HTML tag. The HTML encoding of these two characters is < and >, respectively, which causes the browser to display the less than sign and greater than sign correctly.
HtmlEncode is a convenient way to access the HttpUtility.HtmlEncode method at run time from an ASP.NET application. Internally, HtmlEncode uses HttpUtility.HtmlEncode to encode strings.
To encode or decode values outside of a web application, use the WebUtility class.
