documentation.HELP! Microsoft AntiXSS Library Documentation

JavaScriptEncode Method (String)

Microsoft AntiXSS Library

previous page next page

Collapse AllExpand All      Code: All Code: Multiple Code: C# Code: Visual Basic Code: Visual C++

C#Visual Basic
Visual C++

Microsoft AntiXSS Library

Encoder..::..JavaScriptEncode Method (String)

Encoder Class See Also

Encodes input strings for use in JavaScript.

Namespace: Microsoft.Security.Application
Assembly: AntiXssLibrary40 (in AntiXssLibrary40.dll) Version: 4.2.0.0

Syntax

C#
public static string JavaScriptEncode( string input )

Visual Basic
Public Shared Function JavaScriptEncode ( _ input As String _ ) As String

Visual C++
public: static String^ JavaScriptEncode( String^ input )

Parameters

input

Type: System..::..String
String to be encoded.

Return Value

Encoded string for use in JavaScript.

Remarks

This function encodes all but known safe characters. Characters are encoded using \xSINGLE_BYTE_HEX and \uDOUBLE_BYTE_HEX notation. Safe characters include:

a-z	Lower case alphabet
A-Z	Upper case alphabet
0-9	Numbers
,	Comma
.	Period
-	Dash
_	Underscore
	Space
	Other International character ranges

Example inputs and encoded outputs:

alert('XSS Attack!');	'alert\x28\x27XSS Attack\x21\x27\x29\x3b'
[email protected]	'user\x40contoso.com'
Anti-Cross Site Scripting Library	'Anti-Cross Site Scripting Library'

See Also

Encoder Class

JavaScriptEncode Overload

Microsoft.Security.Application Namespace

(c) 2008, 2009, 2010, 2011 Microsoft Corporation. All rights reservered.

previous page start next page

Get in touch

Submit feedback about this site to:

• [email protected]