Menu
i am building up a string on the server that is getting put into a javascript variable on the client.
what is the best of encoding this to avoid any issues
right now on the server i am doing something like this:
html = html.Replace("'", "'");
but i assume there is a more elegant fool proof way of doing stuff like this.
292
' is the HTML character coding for an apostrophe ('), so if you see “don't” or “can't” this means that the words “don't” or “can't” are being represented by ecards.
An entity name, entity number, or hexadecimal can be used to add special characters/symbols to an HTML webpage. One such symbol is the apostrophe. There are three methods for adding an apostrophe in HTML: The apostrophe symbol.
The two types of apostrophes are apostrophes of possession and contraction.
On a PC, try Alt+0146 using the numeric keypad; on a Mac, press Option-Shift-]. In Word (the PC version), type the number 2019 (the Unicode number for an apostrophe) and then press Alt+X. (Alt+X works both ways: put your cursor to the right of any character and then press the combination to reveal its Unicode number.)
You're really better off using the Microsoft Anti-Cross Site Scripting Library to do this. They provide a JavaScriptEncode method that does what you want:
Microsoft.Security.Application.AntiXss.JavaScriptEncode("My 'Quotes' and ""more"".", False)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
