ASP.NET 4 HTML Encode

June 3, 2010 at 2:15 AM

HTML encode is very important as it can help to prevent XSS and HTML injection attack.

Before asp.net 4, developer will need to use ,

<%= Server.HtmlEncode(what.ever.message) %>

Server.HtmlEncode function to encode the message.

Now, with ASP.NET 4, you can use

<% : what.ever.message %>

to encode your message.

So, is basically putting " : " in between <% %> and it will help you.

Hope you find this useful.

Posted in: MVP | Technical Stuff

Tags: