CssEncode Method

Microsoft AntiXSS Library

Collapse imageExpand ImageCopy imageCopyHover image
Encodes the specified string for use in Cascading Style Sheet (CSS) attributes. The return value from this function is expected to be used in building an attribute string. CSS string attributes should be quoted values.

Namespace: Microsoft.Security.Application
Assembly: AntiXssLibrary40 (in AntiXssLibrary40.dll) Version: 4.2.0.0

Syntax

C#
public static string CssEncode(
	string input
)
Visual Basic
Public Shared Function CssEncode ( _
	input As String _
) As String
Visual C++
public:
static String^ CssEncode(
	String^ input
)

Parameters

input
Type: System..::..String
String to be encoded.

Return Value

Encoded string for use in CSS element values.

Remarks

This method encodes all characters except those that are in the safe list. The following table lists the default safe characters.
Unicode Code ChartCharacters(s)Description
C0 Controls and Basic LatinA-ZUppercase alphabetic letters
C0 Controls and Basic Latina-zLowercase alphabetic letters
C0 Controls and Basic Latin0-9Numbers
The CSS character escape sequence consists of a backslash character (\) followed by up to six hexadecimal digits that represent a character code from the ISO 10646 standard. (The ISO 10646 standard is effectively equivalent to Unicode.) Any character other than a hexadecimal digit terminates the escape sequence. If a character that follows the escape sequence is also a valid hexadecimal digit, it must either include six digits in the escape sequence or use a whitespace character to terminate the escape sequence. For example, \000020 denotes a space.

See Also