AntiXssEncoder 类
定义
编码 HTML、XML、CSS 和 URL 使用的字符串。Encodes a string for use in HTML, XML, CSS, and URL strings.
public ref class AntiXssEncoder : System::Web::Util::HttpEncoder
public class AntiXssEncoder : System.Web.Util.HttpEncoder
type AntiXssEncoder = class
inherit HttpEncoder
Public Class AntiXssEncoder
Inherits HttpEncoder
- 继承
注解
您可以使用 AntiXssEncoder 类重写 HttpEncoder 默认情况下用于在类的方法(如、和)中对字符串进行编码和解码的类 HttpUtility HttpServerUtility HttpResponseHeader 。You can use the AntiXssEncoder class to override the HttpEncoder class that is used by default to encode and decode strings in methods of classes such as HttpUtility, HttpServerUtility, and HttpResponseHeader.
在 AntiXssEncoder 类中,在安全列表中找不到的所有字符都由 HtmlAttributeEncode 和方法进行编码 HtmlEncode 。In the AntiXssEncoder class, all characters that are not found in the safe list are encoded by the HtmlAttributeEncode and HtmlEncode methods.
若要将 HttpEncoder 类替换为 AntiXssEncoder 类,请使用 encoderType Web.config 文件中的 httpRuntime 元素的特性注册它,如以下示例中所示:To replace the HttpEncoder class with the AntiXssEncoder class, register it using the encoderType attribute of the httpRuntime element in the Web.config file, as shown in following example:
<httpRuntime encoderType="System.Web.Security.AntiXss.AntiXssEncoder" />
可在 HtmlAttributeEncode 、、 HtmlEncode XmlAttributeEncode 和方法的 "备注" 中找到不同编码方法的默认安全字符列表 XmlEncode 。A list of default safe characters for different encoding methods can be found in the remarks for the HtmlAttributeEncode, HtmlEncode, XmlAttributeEncode, and XmlEncode methods. 可以使用方法修改默认安全列表 MarkAsSafe 。The default safe list can be modified by using the MarkAsSafe method.
构造函数
| AntiXssEncoder() |
初始化 AntiXssEncoder 类的新实例。Initializes a new instance of the AntiXssEncoder class. |
方法
| CssEncode(String) |
为级联样式表(CSS)编码指定字符串。Encodes the specified string for use in cascading style sheets (CSS). |
| Equals(Object) |
确定指定对象是否等于当前对象。Determines whether the specified object is equal to the current object. (继承自 Object) |
| GetHashCode() |
作为默认哈希函数。Serves as the default hash function. (继承自 Object) |
| GetType() |
获取当前实例的 Type。Gets the Type of the current instance. (继承自 Object) |
| HeaderNameValueEncode(String, String, String, String) |
将标头名称和值编码为可用作 HTTP 标头的字符串。Encodes a header name and value into a string that can be used as an HTTP header. (继承自 HttpEncoder) |
| HtmlAttributeEncode(String, TextWriter) |
编码并输出用于 HTML 特性的指定字符串。Encodes and outputs the specified string for use in an HTML attribute. |
| HtmlDecode(String, TextWriter) |
解码 HTML 编码的字符串中的值。Decodes a value from an HTML-encoded string. (继承自 HttpEncoder) |
| HtmlEncode(String, Boolean) |
编码指定字符串作为 HTML 标记文本使用,且可选择性地指定是否使用 HTML 4.0 命名的实体。Encodes the specified string for use as text in HTML markup and optionally specifies whether to use HTML 4.0 named entities. |
| HtmlEncode(String, TextWriter) |
编码指定字符串作为 HTML 标记文本使用,且通过指定文本读写器输出字符串。Encodes the specified string for use as text in HTML markup and outputs the string by using the specified text writer. |
| HtmlFormUrlEncode(String) |
为 MIME 类型为 "application/x-www-form-urlencoded" 的窗体提交编码指定字符串。Encodes the specified string for use in form submissions whose MIME type is "application/x-www-form-urlencoded". |
| HtmlFormUrlEncode(String, Encoding) |
通过使用指定字符编码类型,为 MIME 类型为 "application/x-www-form-urlencoded" 的窗体提交编码指定字符串。Encodes the specified string for form submissions whose MIME type is "application/x-www-form-urlencoded" by using the specified character encoding type. |
| HtmlFormUrlEncode(String, Int32) |
通过使用指定代码页,为 MIME 类型为 "application/x-www-form-urlencoded" 的窗体提交编码指定字符串。Encodes the specified string for use in form submissions whose MIME type is "application/x-www-form-urlencoded" by using the specified code page. |
| JavaScriptStringEncode(String) |
对字符串进行编码。Encodes a string. (继承自 HttpEncoder) |
| MarkAsSafe(LowerCodeCharts, LowerMidCodeCharts, MidCodeCharts, UpperMidCodeCharts, UpperCodeCharts) |
标记指定的 Unicode 代码字符作为安全标记。Marks characters from the specified Unicode code charts as safe. |
| MemberwiseClone() |
创建当前 Object 的浅表副本。Creates a shallow copy of the current Object. (继承自 Object) |
| ToString() |
返回表示当前对象的字符串。Returns a string that represents the current object. (继承自 Object) |
| UrlEncode(Byte[], Int32, Int32) |
编码用于 URL 的指定字节数组,从字节数组指定的偏移开始,并解码指定字节数。Encodes the specified byte array for use in a URL, starting at the specified offset in the byte array and encoding the specified number of bytes. |
| UrlEncode(String) |
为 URL 编码指定字符串。Encodes the specified string for use in a URL. |
| UrlEncode(String, Encoding) |
通过使用指定字符编码类型为 URL 编码指定字符。Encodes the specified string for use in a URL by using the specified character encoding type. |
| UrlEncode(String, Int32) |
通过使用指定代码页为 URL 编码指定字符。Encodes the specified string for use in a URL by using the specified code page. |
| UrlPathEncode(String) |
编码用于 URL 的路径字符串。Encodes path strings for use in a URL. |
| XmlAttributeEncode(String) |
为 XML 特性编码指定字符串。Encodes the specified string for use in XML attributes. |
| XmlEncode(String) |
为 XML 特性编码指定字符串。Encodes the specified string for use in XML attributes. |