I have something like this inside my View: <pre class="prettyprint"><code>@String.Format("{0} &copy; Copyright by Nemanja", DateTime.Now.Year); </code></pre> However, this is escaping my <code>&</code> into <code>&amp;</code>. Is there any way to bypass this?

You're looking for <code>@Html.Raw(...)</code>, which will prevent that and create an XSS hole instead. In your case, you can get rid of it entirely: <pre class="prettyprint"><code>@DateTime.Now.Year &copy; Copyright by Nemanja </code></pre>

You can: <pre class="prettyprint"><code>@Html.Raw(String.Format("{0} &copy; Copyright by Nemanja", DateTime.Now.Year)); </code></pre>

How to print HTML entities using String.Format

Tags:

c#

razor

asp.net-mvc-4

I have something like this inside my View:

@String.Format("{0} &copy; Copyright by Nemanja", DateTime.Now.Year);

However, this is escaping my & into &. Is there any way to bypass this?

878

asked Dec 01 '22 18:12

Nemanja Boric

2 Answers

You're looking for @Html.Raw(...), which will prevent that and create an XSS hole instead.

In your case, you can get rid of it entirely:

@DateTime.Now.Year &copy; Copyright by Nemanja

145

answered Dec 31 '22 05:12

SLaks

You can:

@Html.Raw(String.Format("{0} &copy; Copyright by Nemanja", DateTime.Now.Year));

answered Dec 31 '22 06:12

Fals

Recent Activity
Apple Pay - authorize.net returns error 153 only when live, sandbox works
How to continue cursor loop even error occured in the loop
python find all neighbours of a given node in a list of lists
Fatal error: Call to a member function setColumn() on a non-object in Magento
Count how many of each value from a field with MySQL and PHP
Python 32-bit development on 64-bit Windows [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With