ASP.NET MVC2 -- How is Html.Encode() used?

783 Views Asked by DarkLightA At 15 January 2011 at 15:23

How is Html.Encode() used? What is its purpose, and how is it useful?

There are 2 best solutions below

Oded On 15 January 2011 at 15:26 BEST ANSWER

It HTML encodes the passed it text - this escapes things to avoid certain types of attacks, such as XSS.

For example:

Html.Encode("<script>alert('hi');</alert>")

Will result in:

&lt;script&gt;alert('hi');&lt;/script&gt;

Being output to the page. This ensures that the script will not run.

Chris On 15 January 2011 at 15:29

It encodes tags found in text into their html equiv. For example if '&' was received it would be changed into '&'

Hope this helps.