Escape text for HTML

后端 未结 9 801
别那么骄傲
别那么骄傲 2020-11-28 04:50

How do i escape text for html use in C#? I want to do

sample=\"blah\"

and have

blah&l         


        
相关标签:
9条回答
  • 2020-11-28 05:15

    If you're using .NET 4 or above and you don't want to reference System.Web, you can use WebUtility.HtmlEncode from System

    var encoded = WebUtility.HtmlEncode(unencoded);
    

    This has the same effect as HttpUtility.HtmlEncode and should be preferred over System.Security.SecurityElement.Escape.

    0 讨论(0)
  • 2020-11-28 05:17

    .NET 4.0 and above:

    using System.Web.Security.AntiXss;
    //...
    var encoded = AntiXssEncoder.HtmlEncode("input", useNamedEntities: true);
    
    0 讨论(0)
  • 2020-11-28 05:20

    nobody has mentioned yet, in ASP.NET 4.0 there's new syntax to do this. instead of

    <%= HttpUtility.HtmlEncode(unencoded) %>
    

    you can simply do

    <%: unencoded %>
    

    read more here: http://weblogs.asp.net/scottgu/archive/2010/04/06/new-lt-gt-syntax-for-html-encoding-output-in-asp-net-4-and-asp-net-mvc-2.aspx

    0 讨论(0)
  • 2020-11-28 05:21

    For those in the future looking for a simple way to do this in Razor pages, use the following:

    In .cshtml:

    @Html.Raw(Html.Encode("<span>blah<span>"))
    

    In .cshtml.cs:

    string rawHtml = Html.Raw(Html.Encode("<span>blah<span>"));
    
    0 讨论(0)
  • 2020-11-28 05:31

    You can use actual html tags <xmp> and </xmp> to output the string as is to show all of the tags in between the xmp tags.

    Or you can also use on the server Server.UrlEncode or HttpUtility.HtmlEncode.

    0 讨论(0)
  • 2020-11-28 05:35
    using System.Web;
    
    var encoded = HttpUtility.HtmlEncode(unencoded);
    
    0 讨论(0)
提交回复
热议问题