Seok Chern's Blog | ASP.NET 4 HTML Encode

ASP.NET 4 HTML Encode

June 3, 2010 at 2:15 AM —

HTML encode is very important as it can help to prevent XSS and HTML injection attack.

Before asp.net 4, developer will need to use ,

<%= Server.HtmlEncode(what.ever.message) %>

Server.HtmlEncode function to encode the message.

Now, with ASP.NET 4, you can use

<% : what.ever.message %>

to encode your message.

So, is basically putting " : " in between <% %> and it will help you.

Hope you find this useful.

70fdc64c-113a-47f5-91c0-cb56212b6f35|1|5.0

ASP.NET Security Vulnerability"It affect all kind of application which run on top of ASP.NET framework which include ASP.NET ...Extensionless URLs do not find .cshtml/.vbhtml files on IIS 7 or IIS 7.5Issue: Extensionless URLs do not find .cshtml/.vbhtml files on IIS 7 or IIS 7.5 On IIS 7 or IIS 7...ASP.NET MVC 3 Release CandidateASP.NET MVC 3 Release Candidate had been annouce released by ASP.NET team yesterday (10-Nov-2010). ...