Encodes input strings for use in universal resource locators (URLs).
Namespace: Microsoft.Security.Application
Assembly: AntiXssLibrary40 (in AntiXssLibrary40.dll) Version: 4.2.0.0
Syntax
| C# |
|---|
public static string UrlEncode( string input, Encoding inputEncoding ) |
| Visual Basic |
|---|
Public Shared Function UrlEncode ( _ input As String, _ inputEncoding As Encoding _ ) As String |
| Visual C++ |
|---|
public: static String^ UrlEncode( String^ input, Encoding^ inputEncoding ) |
Parameters
- input
- Type: System..::..String
String to be encoded.
- inputEncoding
- Type: System.Text..::..Encoding
Input encoding type.
Return Value
Encoded string for use in URLs.Remarks
This function encodes the output as per the encoding parameter (codepage) passed to it. It encodes
all but known safe characters. Characters are encoded using %SINGLE_BYTE_HEX and %DOUBLE_BYTE_HEX notation.
If the inputEncoding is null then UTF-8 is assumed by default.
Safe characters include:
Example inputs and encoded outputs:
| a-z | Lower case alphabet |
| A-Z | Upper case alphabet |
| 0-9 | Numbers |
| . | Period |
| - | Dash |
| _ | Underscore |
| ~ | Tilde |
| alert('XSSあAttack!'); | alert%28%27XSS%82%a0Attack%21%27%29%3b |
| [email protected] | user%40contoso.com |
| Anti-Cross Site Scripting Library | Anti-Cross%20Site%20Scripting%20Library |
