Menu
The HttpUtility class provides for both encoding and decoding. But, when I use the MS AntiXSS 3.1 Library I have a set of methods only for encoding, does this mean decoding can be avoided?
For example
Before applying AntiXSS:
lblName.Text = "ABC" + "<script> alert('Inject'); </script";
After applying AntiXSS:
lblName.Text = AntiXSS.HTMLEncode("ABC" + "<script> alert('Inject'); </script");
So, after applying the encoding, the HTML tags show up in my Label control.
Is this the desired outcome?
532
You can use the HttpUtility.HtmlDecode method to decode AntiXss encoded text (or any encoded text). No explicit AntiXss decode is required.
119
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
