HttpServerUtility.HtmlEncode HttpServerUtility.HtmlEncode HttpServerUtility.HtmlEncode HttpServerUtility.HtmlEncode Method

Definition

Encodes a string to be displayed in a browser.

To encode or decode values outside of a web application, use the WebUtility class.

Overloads

HtmlEncode(String) HtmlEncode(String) HtmlEncode(String) HtmlEncode(String)

HTML-encodes a string and returns the encoded string.

HtmlEncode(String, TextWriter) HtmlEncode(String, TextWriter) HtmlEncode(String, TextWriter) HtmlEncode(String, TextWriter)

HTML-encodes a string and sends the resulting output to a TextWriter output stream.

HtmlEncode(String) HtmlEncode(String) HtmlEncode(String) HtmlEncode(String)

HTML-encodes a string and returns the encoded string.

public:
 System::String ^ HtmlEncode(System::String ^ s);
public string HtmlEncode (string s);
member this.HtmlEncode : string -> string
Public Function HtmlEncode (s As String) As String
Parameters
s
String String String String

The text string to encode.

Returns

The HTML-encoded text.

Examples

The following example shows how to HTML-encode a value that potentially codes unsafe code. The code resides in the code-behind file for a web page. The value to encode is hard-coded in this example only to simplify the example and show the type of value you might HTML-encode. Typically, you would HTML-encode a value that you received from the user or the request. Result refers to a Literal control.

public partial class _Default : Page
{        
    protected void Page_Load(object sender, EventArgs e)
    {
        Result.Text = Server.HtmlEncode("<script>unsafe</script>");      
    } 
}
Public Class _Default
    Inherits Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
        Result.Text = Server.HtmlEncode("<script>unsafe</script>")
    End Sub
End Class

The next example is similar to the previous example except it shows how to HTML-encode a value from within a class that is not in the code-behind file.

public class SampleClass
{
    public string GetEncodedText()
    {
        return HttpContext.Current.Server.HtmlEncode("<script>unsafe</script>");
    }
}
Public Class SampleClass
    Public Function GetEncodedText() As String
        Return HttpContext.Current.Server.HtmlEncode("<script>unsafe</script>")
    End Function
End Class

Remarks

HTML encoding makes sure that text is displayed correctly in the browser and not interpreted by the browser as HTML. For example, if a text string contains a less than sign (<) or greater than sign (>), the browser would interpret these characters as the opening or closing bracket of an HTML tag. When the characters are HTML encoded, they are converted to the strings &lt; and &gt;, which causes the browser to display the less than sign and greater than sign correctly.

This method is a convenient way to access the HttpUtility.HtmlEncode method at run time from an ASP.NET application. Internally, this method uses HttpUtility.HtmlEncode to encode strings.

In the code-behind file for an ASP.NET web page, access an instance of the HttpServerUtility class through the Server property. In a class that is not in a code-behind file, use HttpContext.Current.Server to access an instance of the HttpServerUtility class.

Outside of a web application, use the WebUtility class to encode or decode values.

HtmlEncode(String, TextWriter) HtmlEncode(String, TextWriter) HtmlEncode(String, TextWriter) HtmlEncode(String, TextWriter)

HTML-encodes a string and sends the resulting output to a TextWriter output stream.

public:
 void HtmlEncode(System::String ^ s, System::IO::TextWriter ^ output);
public void HtmlEncode (string s, System.IO.TextWriter output);
member this.HtmlEncode : string * System.IO.TextWriter -> unit
Public Sub HtmlEncode (s As String, output As TextWriter)
Parameters
s
String String String String

The string to encode.

output
TextWriter TextWriter TextWriter TextWriter

The TextWriter output stream that contains the encoded string.

Examples

The following example encodes a string for transmission by HTTP. It encodes the string named TestString, which contains the text "This is a <Test String>.", and copies it into the string named EncodedString as "This is a <Test String>.".

String TestString = "This is a <Test String>.";
StringWriter writer = new StringWriter();
Server.HtmlEncode(TestString, writer);
String EncodedString = writer.ToString();
   
Dim TestString As String = "This is a <Test String>."
Dim writer As New StringWriter
Server.HtmlEncode(TestString, writer)
Dim EncodedString As String = writer.ToString()
   

Remarks

HTML encoding ensures that text will be correctly displayed in the browser, not interpreted by the browser as HTML. For example, if a text string contains a less than sign (<) or greater than sign (>), the browser would interpret these characters as an opening or closing bracket of an HTML tag. The HTML encoding of these two characters is &lt; and &gt;, respectively, which causes the browser to display the less than sign and greater than sign correctly.

HtmlEncode is a convenient way to access the HttpUtility.HtmlEncode method at run time from an ASP.NET application. Internally, HtmlEncode uses HttpUtility.HtmlEncode to encode strings.

To encode or decode values outside of a web application, use the WebUtility class.

Applies to