With WebUtility.HtmlEncode and HtmlDecode, we do this without writing any custom code. We just call a method. We must include the System.Net assembly.
An example. Here we use HtmlEncode and HtmlDecode in a C# program. The System.Net assembly is included at the top of the program.
Detail The HtmlEncode method is designed to receive a string that contains HTML markup characters such as > and <.
Detail HtmlDecode, meanwhile, is designed to reverse those changes. It changes encoded characters back to actual HTML.
using System;
using System.Net;
class Program
{
static void Main()
{
// Part A: encode this string.
string encoded = WebUtility.HtmlEncode("<b>Hello 'friend'</b>");
// Part B: reverse the change.
string decoded = WebUtility.HtmlDecode(encoded);
// Print results.
Console.WriteLine("ENCODED: {0}", encoded);
Console.WriteLine("DECODED: {0}", decoded);
}
}ENCODED: <b>Hello 'friend'</b>
DECODED: <b>Hello 'friend'</b>
Example 2. HtmlEncode and HtmlDecode are also built into the Server objects in ASP.NET. These methods have no advantages over the HttpUtility methods. They are equivalent.
Here We see 3 methods. The first 2 return an encoded or decoded string, and the HtmlTextWriter uses a method called WriteEncodedText.
Note This may be more efficient, as it could avoid a string copy. I tested these methods with breakpoints.
using System;
using System.IO;
using System.Web;
using System.Web.UI;
public partial class _Default : Page
{
protected void Page_Load(object sender, EventArgs e)
{
// This could mess up HTML.
string text = "you & me > them"; // 1// Replace > with >
string htmlEncoded = Server.HtmlEncode(text); // 2// Now has the > again.
string original = Server.HtmlDecode(htmlEncoded); // 3// This is how you can access the Server in any class.
string alsoEncoded = HttpContext.Current.Server.HtmlEncode(text); // 4
StringWriter stringWriter = new StringWriter();
using (HtmlTextWriter writer = new HtmlTextWriter(stringWriter))
{
// Write a DIV with encoded text.
writer.RenderBeginTag(HtmlTextWriterTag.Div);
writer.WriteEncodedText(text);
writer.RenderEndTag();
}
string html = stringWriter.ToString(); // 5
}
} 1: Before encoding has occurred.
String: you & me > them
2: The string is encoded for HTML.
String: you & me > them
3: String is converted back from HTML.
String: you & me > them
4: The string is encoded for HTML again.
String: you & me > them
5: The HTML string is written into a DIV.
Text: <div>you & me > them</div>
Notes. The WebUtility class is an effective way to encode HTML and URLs in programs. Call WebUtility.HtmlDecode and WebUtility.HtmlEncode on your strings.
Performance. I found Server.HtmlEncode and Server.HtmlDecode to be much faster than a home-grown version that used StringBuilder. Usually it is best to use the Framework methods.
A summary. These methods provide reliable replacement of HTML characters. HtmlEncode and HtmlDecode also handle character entities. These are sequences that represent non-ASCII characters.
Dot Net Perls is a collection of tested code examples. Pages are continually updated to stay current, with code correctness a top priority.
Sam Allen is passionate about computer languages. In the past, his work has been recommended by Apple and Microsoft and he has studied computers at a selective university in the United States.
