How do I prevent '&' to convert in '&amp' while xml serialization in ASP.NET Web API?

Question

I am creating a booking service using ASP.NET Web API,

For which response Model is something like this:

[XmlRoot("RateList")]
public class RateList
{
    [XmlElement("Rate")]
    public List<Rate> Rate { get; set; }

}
public class Rate
{
    [XmlAttribute("Code")]
    public string Code { get; set; }
    [XmlAttribute("ErrorMessage")]
    public string ErrorMessage { get; set; }
     [XmlElement("RoomRate")]
    public List<RoomRate> RoomRate { get; set; }
}
public class RoomRate
{
    [XmlAttribute("URL")]
    public string URL { get; set; }
}

Response must be of XML format, so I have serialized as of below,

return Request.CreateResponse<RateList>(HttpStatusCode.OK, objRateList, Configuration.Formatters.XmlFormatter);

my Global.asax File

WebApiConfig.Register(GlobalConfiguration.Configuration);
        var xml = GlobalConfiguration.Configuration.Formatters.XmlFormatter;
        xml.UseXmlSerializer = true;

The actual response must be like this:

<RateList 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <Rate Code="174511">
        <RoomRate URL="https://somedomain.com/planning/booking?start=2015-06-02&end=2015-06-04&id=174511&adults=2&childAges=0&room=1"/>
</Rate>
</RateList>

But currently I receive response as of below, in which "&" changes to "&":

<RateList 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <Rate Code="174511">
        <RoomRate URL="https://somedoamin.com/planning/booking?start=2015-06-02&amp;end=2015-06-04&amp;id=174511&amp;adults=2&amp;childAges=0&amp;room=1"/>
</Rate>
</RateList>

How to avoid this change in my response ?

Thanks In advance.

Answer 1

This is correct behaviour. If it was not escaped, the XML would be ill-formed (that is, a parser would must report an error and fail to parse it). If you want to generate XML, you have to escape the & characters.

The value of the attributes contains an &. The way to represent it, lexically, in XML is to write it as &. If you parse the XML and ask, say, the value of the attribute as a string, you will see it has been decoded properly by the parser.

You can think about it like the way you escape special characters in a Java or a C++ string, using backslashes. The string value does not contain any backslash, but you have to use them to represent lexically some special characters.

Answer 2

You have two mutually contradictory requirements:

(a) the output should be XML

(b) the output should contain an unescaped "&"

XML can't contain an unescaped ampersand.