Differences in several HtmlEncode (forwarding)

Problem:

Httputility.htmldecode, Httputility.htmlencode and Server.htmldecode, Server.HTMLEncode and HttpServerUtility.HtmlDecode , what's the difference between HttpServerUtility.HtmlEncode?

What is the difference between them and the code that is generally hand-written below?

 Public Static stringHTMLEncodestringstr) {        if(str = =NULL|| str = ="")            return ""; STR= str. Replace (">","&gt;"); STR= str. Replace ("<","&lt;"); STR= str. Replace (" ","&nbsp;"); STR= str. Replace ("  ","&nbsp;"); STR= str. Replace ("\"","&quot;"); STR= str. Replace ("\ '","'"); STR= str. Replace ("\ n","<br/>"); returnstr;}

Answer:

HtmlEncode: Encodes characters that are not allowed in Html source files, usually encoding the following characters <, >, &, and so on.

HtmlDecode: Just related to HtmlEncode, decoding the original character.

The HtmlEncode method of the HttpServerUtility entity class is a convenient way to access the System.Web.HttpUtility.HtmlEncode method from an ASP. NET Web application at run time. The HtmlEncode method of the HttpServerUtility entity class internally encodes the string using System.Web.HttpUtility.HtmlEncode.

Server.HTMLEncode is actually the HtmlEncode method of the HttpServerUtility entity class encapsulated by the System.Web.UI.Page class; The System.Web.UI.Page class has one of these properties: Publi C HttpServerUtility Server {get;}

So we can say:

Server.htmldecode = HtmlDecode method of httpserverutility entity class = Httputility.htmldecode;

Server.HTMLEncode = HtmlEncode method of httpserverutility entity class = Httputility.htmlencode;

They were just for the convenience of the call and did the encapsulation.

In ASP, the characters of the Server.HTMLEncode Method filter are described as follows:

If the string is not DBCS-encoded. This method converts the following characters:

Less-than character (<)	&lt;
Greater-than character (>)	&gt;
Ampersand character (&)	&amp;
Double-quote character (")	&quot;
Any ASCII code character whose code was Greater-than or equal to 0x80	&#<number>, where <number> is the ASCII character value.

If it is a DBCS code

• All extended characters is converted.
• Any ASCII code character whose code are Greater-than or equal to 0x80 are converted to &#<number>, where <numbe R> is the ASCII character value.
• Half-width Katakana characters in the Japanese code page is not converted.

Related information:

Server.HTMLEncode Method

Http://msdn.microsoft.com/en-us/library/ms525347.aspx

The same is the case in ASP.

Here is a simple replacement test code, followed by a comment after the test results:

protected voidPage_Load (Objectsender, EventArgs e) {Testchar ("<");//less than sign replacement &lt;Testchar (">");//greater than sign replacement &gt;Testchar ("'");//single quote replace 'Testchar (" ");//Half-width English spaces do not replaceTestchar (" ");//full-width Chinese spaces do not replaceTestchar ("&");//& Replace &amp;Testchar ("\"");//English double quotation mark substitution &quot;Testchar ("\ n");//carriage returns do not replaceTestchar ("\ r");//carriage returns do not replaceTestchar ("\ r \ n");//carriage returns do not replace} Public voidTestchar (stringt)    {Response.Write (Server.HTMLEncode (t)); Response.Write ("__");    Response.Write (Httputility.htmlencode (t)); Response.Write ("<br/>");}

So the usual replacement method we mentioned above is still very useful, and he has also handled some substitutions that Httputility.htmlencode not support.

 Public Static stringHTMLEncodestringstr) {    if(str = =NULL|| str = ="")        return ""; STR= str. Replace (">","&gt;"); STR= str. Replace ("<","&lt;"); STR= str. Replace (" ","&nbsp;");//Httputility.htmlencode (This replacement is not supportedstr = str. Replace ("  ","&nbsp;");//Httputility.htmlencode (This replacement is not supportedstr = str. Replace ("\"","&quot;"); STR= str. Replace ("\ '","'"); STR= str. Replace ("\ n","<br/>");//Httputility.htmlencode (This replacement is not supported    returnstr;}

We use Reflector to view the implementation of the Httputility.htmlencode, and we can see that it only considers five cases, spaces, and the carriage return is not handled:

Using Reflector to view the Httputility.htmlencode implementation code, the most important code is as follows:

 Public Static unsafe voidHtmlEncode (stringvalue, TextWriter output) {    if(Value! =NULL)    {        if(Output = =NULL)        {            Throw NewArgumentNullException ("Output"); }        intnum = Indexofhtmlencodingchars (value,0); if(num = =-1) {output.        Write (value); }        Else        {            intnum2 = value. Length-num; fixed(Char* str = ((Char*value)) {Char* Chptr =str; Char* CHPTR2 =chptr;  while(num-->0) {chPtr2++; Output. Write (chptr2[0]); }                 while(num2-->0) {chPtr2++; CharCH = chptr2[0]; if(Ch <='>')                    {                        Switch(CH) { Case '&': {output. Write ("&amp;"); Continue; }                             Case '\ '': {output. Write ("'"); Continue; }                             Case '"': {output. Write ("&quot;"); Continue; }                             Case '<': {output. Write ("&lt;"); Continue; }                             Case '>': {output. Write ("&gt;"); Continue; }} output.                        Write (CH); Continue; }                    if(Ch >='\x00a0') && (Ch <'ā') {output. Write (" the"); Output. Write ( (int) ch).                        ToString (Numberformatinfo.invariantinfo)); Output. Write (';'); }                    Else{output.                    Write (CH); }                }            }        }    }} 

Resources:

The difference between Httputility.htmldecode and Server.htmldecode

Http://topic.csdn.net/u/20090220/11/110c8079-1632-418a-b43b-3ddb2f0a06e2.html

A few details about how to use the encoding method when building a Web site

Http://blog.miniasp.com/?tag=/htmlencode

The. NET Framework Class Library Httputility.htmlencode method for Silverlight

Http://msdn.microsoft.com/zh-cn/library/system.windows.browser.httputility.htmlencode (vs.95). aspx

Httputility.htmlencode () and HttpServerUtility.HtmlEncode () do not encode all non-ascii characters

https://connect.microsoft.com/VisualStudio/feedback/details/102251/ httputility-htmlencode-and-httpserverutility-htmlencode-do-not-encode-all-non-ascii-characters?wa=wsignin1.0

Transferred from: Http://blog.joycode.com/ghj/archives/2010/02/26/115894.joy

Differences in several HtmlEncode (forwarding)