Difference between special tags asp.net

Question

I\'m developing a front-end part of an application right now, and a question came to my mind.

What is the difference between asp.net special tags:

&l         


        

Answer 1

• <%= prints the raw value of the expression within.
  This syntax can cause XSS vulnerabilities and should not be used.

• <%: prints and HTML-escapes the value of the expression within.

• <%# is like <%=, but is used for data-binding

• <% executes a block of code and ignores and return values

• <%@ is used for directives like Page or Imports.