documentation.HELP! Microsoft AntiXSS Library Documentation

XmlEncode Method

Microsoft AntiXSS Library

previous page next page

Collapse AllExpand All      Code: All Code: Multiple Code: C# Code: Visual Basic Code: Visual C++

C#Visual Basic
Visual C++

Microsoft AntiXSS Library

Encoder..::..XmlEncode Method

Encoder Class See Also

Encodes input strings for use in XML.

Namespace: Microsoft.Security.Application
Assembly: AntiXssLibrary40 (in AntiXssLibrary40.dll) Version: 4.2.0.0

Syntax

C#
public static string XmlEncode( string input )

Visual Basic
Public Shared Function XmlEncode ( _ input As String _ ) As String

Visual C++
public: static String^ XmlEncode( String^ input )

Parameters

input

Type: System..::..String
String to be encoded.

Return Value

Encoded string for use in XML.

Remarks

This function encodes all but known safe characters. Characters are encoded using &#DECIMAL; notation. Safe characters include:

a-z	Lower case alphabet
A-Z	Upper case alphabet
0-9	Numbers
,	Comma
.	Period
-	Dash
_	Underscore
	Space

The safe list may be adjusted using MarkAsSafe(LowerCodeCharts, LowerMidCodeCharts, MidCodeCharts, UpperMidCodeCharts, UpperCodeCharts). Example inputs and encoded outputs:

alert('XSS Attack!');	alert('XSS Attack!');
[email protected]	[email protected]
Anti-Cross Site Scripting Library	Anti-Cross Site Scripting Library

See Also

Encoder Class

Microsoft.Security.Application Namespace

(c) 2008, 2009, 2010, 2011 Microsoft Corporation. All rights reservered.

previous page start next page

Get in touch

Submit feedback about this site to:

• [email protected]