HtmlFormUrlEncode Method (String, Int32)

Microsoft AntiXSS Library

Collapse imageExpand ImageCopy imageCopyHover image
Encodes input strings for use in application/x-www-form-urlencoded form submissions.

Namespace: Microsoft.Security.Application
Assembly: AntiXssLibrary40 (in AntiXssLibrary40.dll) Version: 4.2.0.0

Syntax

C#
public static string HtmlFormUrlEncode(
	string input,
	int codePage
)
Visual Basic
Public Shared Function HtmlFormUrlEncode ( _
	input As String, _
	codePage As Integer _
) As String
Visual C++
public:
static String^ HtmlFormUrlEncode(
	String^ input, 
	int codePage
)

Parameters

input
Type: System..::..String
String to be encoded.
codePage
Type: System..::..Int32
Codepage number of the input.

Return Value

Encoded string for use in URLs.

Remarks

This function encodes the output as per the encoding parameter (codepage) passed to it. It encodes all but known safe characters. Characters are encoded using %SINGLE_BYTE_HEX and %DOUBLE_BYTE_HEX notation. Safe characters include:
a-zLower case alphabet
A-ZUpper case alphabet
0-9Numbers
.Period
-Dash
_Underscore
~Tilde
Example inputs and encoded outputs:
alert('XSSあAttack!');alert%28%27XSS%82%a0Attack%21%27%29%3b
[email protected]user%40contoso.com
Anti-Cross Site Scripting LibraryAnti-Cross+Site+Scripting+Library

See Also