UrlEncode Method (String, Encoding)

Microsoft AntiXSS Library

Collapse imageExpand ImageCopy imageCopyHover image
Encodes input strings for use in universal resource locators (URLs).

Namespace: Microsoft.Security.Application
Assembly: AntiXssLibrary40 (in AntiXssLibrary40.dll) Version: 4.2.0.0

Syntax

C#
public static string UrlEncode(
	string input,
	Encoding inputEncoding
)
Visual Basic
Public Shared Function UrlEncode ( _
	input As String, _
	inputEncoding As Encoding _
) As String
Visual C++
public:
static String^ UrlEncode(
	String^ input, 
	Encoding^ inputEncoding
)

Parameters

input
Type: System..::..String
String to be encoded.
inputEncoding
Type: System.Text..::..Encoding
Input encoding type.

Return Value

Encoded string for use in URLs.

Remarks

This function encodes the output as per the encoding parameter (codepage) passed to it. It encodes all but known safe characters. Characters are encoded using %SINGLE_BYTE_HEX and %DOUBLE_BYTE_HEX notation. If the inputEncoding is null then UTF-8 is assumed by default. Safe characters include:
a-zLower case alphabet
A-ZUpper case alphabet
0-9Numbers
.Period
-Dash
_Underscore
~Tilde
Example inputs and encoded outputs:
alert('XSSあAttack!');alert%28%27XSS%82%a0Attack%21%27%29%3b
[email protected]user%40contoso.com
Anti-Cross Site Scripting LibraryAnti-Cross%20Site%20Scripting%20Library

See Also