cdub
Reputation: 25711
Html Encode in ASP.NET Web Control
I have a file called TopicTree.ascx.cs which I am trying to output encoded strings like so:
string subject = reader.IsDBNull(0) ? string.Empty : reader.GetString(0);
string topic = reader.IsDBNull(1) ? string.Empty : reader.GetString(1);
subject = subject.Trim();
topic = topic.Trim();
string en_subject = Server.HtmlEncode(subject);
string en_topic = Server.HtmlEncode(topic);
string output = string.Format("<li><a href=\"searchresults.aspx?type=topics&subject={1}&topic={2}\" style=\"cursor: pointer;\">{0}</a></li>", topic, en_subject, en_topic);
But when I actually see the output on the screen, it isn't encoded. What's wrong?
Upvotes: 2
Views: 3897
Answers (1)
nekno
Reputation: 19267
For the link URL, you want Server.UrlEncode() instead of Server.HtmlEncode().
But for the link display, you want Server.HtmlEncode(topic) on the topic as well.
Upvotes: 5