Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Automatically HtmlEncode strings when the model is serialized with Json.Net

Tags:

c#

serialization

html-encode

json.net

Is there a way to configure Json.Net to automatically encode all strings like HtmlEncode(myString) when the model is serialized?

like image 720
Buda Gavril Avatar asked May 22 '17 14:05

Buda Gavril

People also ask

What is HtmlEncode asp net?

HtmlEncode is a convenient way to access the HttpUtility. HtmlEncode method at run time from an ASP.NET application. Internally, HtmlEncode uses HttpUtility. HtmlEncode to encode strings. To encode or decode values outside of a web application, use the WebUtility class.

What is Jsonserializersettings?

Specifies the settings on a JsonSerializer object. Newtonsoft.Json.

Should JSON be HTML encoded?

So if you are intending to write JSON into the html as part of Javascript (a very common use), you need to encode JSON contents to HTML unfortunately. It's much better to avoid this and download data separately. those are some very good points!

1 Answers

Try this:

var json = JObject.Parse("{'Name':'<script>alert(1);</script>'}");
var serializerSettings = new JsonSerializerSettings()
{
    StringEscapeHandling = StringEscapeHandling.EscapeHtml
};
var result = JsonConvert.SerializeObject(json, serializerSettings);

result will be:

{"Name":"\u003cscript\u003ealert(1);\u003c/script\u003e"}
like image 104
Mohammad Nikravan Avatar answered Sep 22 '22 06:09

Mohammad Nikravan
Sign in to Comment

Related questions

How do I programmatically press Enter?
Simple Injector conditional injection
How to make a sprite clickable?
Simple existing implementation of ICollection<T>
Getting a SemanticModel of a cshtml file?
Entity Framework References go missing between debug and release build
Does C# 6.0's String interpolation rely on Reflection?
Combine multiple dictionaries with same key in them into one dictionary with the sum of values
C# 6.0, .NET 4.51 and VS2015 - Why does string interpolation work?
Get local time based on coordinates
Deserializing JSON into an object
Entity Framework 7 migration not creating tables
Cannot serialize the DataTable. DataTable name is not set
Checkout A Project With Git And Visual Studio
Can't download HTML data from https URL using htmlagilitypack
Unity: Null while making new class instance
Why does KeyValuePair not override Equals() and GetHashCode()?
Last cell in row and column in Epplus - C#
why to have private setter in entity
Running xunit.net tests in VSTS

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!