JavaScriptEncode Method (String)

Microsoft AntiXSS Library

Collapse imageExpand ImageCopy imageCopyHover image
Encodes input strings for use in JavaScript.

Namespace: Microsoft.Security.Application
Assembly: AntiXssLibrary40 (in AntiXssLibrary40.dll) Version: 4.2.0.0

Syntax

C#
public static string JavaScriptEncode(
	string input
)
Visual Basic
Public Shared Function JavaScriptEncode ( _
	input As String _
) As String
Visual C++
public:
static String^ JavaScriptEncode(
	String^ input
)

Parameters

input
Type: System..::..String
String to be encoded.

Return Value

Encoded string for use in JavaScript.

Remarks

This function encodes all but known safe characters. Characters are encoded using \xSINGLE_BYTE_HEX and \uDOUBLE_BYTE_HEX notation. Safe characters include:
a-zLower case alphabet
A-ZUpper case alphabet
0-9Numbers
,Comma
.Period
-Dash
_Underscore
Space
Other International character ranges
Example inputs and encoded outputs:
alert('XSS Attack!');'alert\x28\x27XSS Attack\x21\x27\x29\x3b'
[email protected]'user\x40contoso.com'
Anti-Cross Site Scripting Library'Anti-Cross Site Scripting Library'

See Also