HttpResponse.HeaderEncoding 属性


获取或设置一个 Encoding 对象,该对象表示当前标头输出流的编码。Gets or sets an Encoding object that represents the encoding for the current header output stream.

 property System::Text::Encoding ^ HeaderEncoding { System::Text::Encoding ^ get(); void set(System::Text::Encoding ^ value); };
public System.Text.Encoding HeaderEncoding { get; set; }
member this.HeaderEncoding : System.Text.Encoding with get, set
Public Property HeaderEncoding As Encoding



包含当前标头的字符集相关信息的 EncodingAn Encoding that contains information about the character set for the current header.


编码值为 nullThe encoding value is null.

编码值为 UnicodeThe encoding value is Unicode.


已发送标头。The headers have already been sent.


HeaderEncoding属性使您能够 Encoding 通过使用 ASCIIEncodingUnicodeEncodingUTF7Encoding 或对象来禁用或更改响应标头上的对象 UTF8EncodingThe HeaderEncoding property gives you the ability to disable or change the Encoding object on a response header by using the ASCIIEncoding, UnicodeEncoding, UTF7Encoding, or UTF8Encoding object. 默认编码值为 UTF8Encoding 类。The default encoding value is the UTF8Encoding class.

通过更改属性的类型 HeaderEncoding ,可能会增加某些恶意攻击的风险,或导致通过响应标头发送敏感数据。By changing the type of the HeaderEncoding property, you can potentially increase the risk of certain malicious attacks or cause sensitive data to be sent through the response header. 在部分中,可以通过将 HeaderEncoding 响应的属性保留为默认设置来避免标头注入攻击。Header injection attacks can be avoided, in part, by leaving the HeaderEncoding property of a response to the default setting. 对易受攻击的应用程序的攻击可能会回显受保护的数据,作为响应标头的一部分。An attack against a vulnerable application could echo back entrusted data as part of a response header. 如果 HeaderEncoding 因为标头中的延续行要求而禁用,或者根据不受信任的数据的结果构造了任何标头,则应在发送到响应流之前验证标头数据。If the HeaderEncoding is disabled because of a requirement for continuation lines in a header or if any header is constructed based on the result of untrusted data, the header data should be validated before sending to the response stream.