Home
C#
HtmlEncode and HtmlDecode
This page was last reviewed on Oct 10, 2023.
Dot Net Perls
HtmlEncode, HtmlDecode. HTML must sometimes be encoded. This is necessary for it to be displayed as text in another HTML document.
HttpUtility.HtmlEncode
With WebUtility.HtmlEncode and HtmlDecode, we do this without writing any custom code. We just call a method. We must include the System.Net assembly.
An example. Here we use HtmlEncode and HtmlDecode in a C# program. The System.Net assembly is included at the top of the program.
Part 1 The HtmlEncode method is designed to receive a string that contains HTML markup characters.
Part 2 HtmlDecode, meanwhile, is designed to reverse those changes. It changes encoded characters back to actual HTML.
using System; using System.Net; // Part 1: encode this string. string encoded = WebUtility.HtmlEncode("<b>Hello 'friend'</b>"); // Part 2: reverse the change. string decoded = WebUtility.HtmlDecode(encoded); // Print results. Console.WriteLine("ENCODED: {0}", encoded); Console.WriteLine("DECODED: {0}", decoded);
ENCODED: &lt;b&gt;Hello &#39;friend&#39;&lt;/b&gt; DECODED: <b>Hello 'friend'</b>
Example 2. HtmlEncode and HtmlDecode are also built into the Server objects in ASP.NET. These methods have no advantages over the HttpUtility methods. They are equivalent.
Here We see 3 methods. The first 2 return an encoded or decoded string, and the HtmlTextWriter uses a method called WriteEncodedText.
Note This may be more efficient, as it could avoid a string copy. I tested these methods with breakpoints.
HtmlTextWriter
using System; using System.IO; using System.Web; using System.Web.UI; public partial class _Default : Page { protected void Page_Load(object sender, EventArgs e) { // This could mess up HTML. string text = "you & me > them"; // 1 // Replace > with > string htmlEncoded = Server.HtmlEncode(text); // 2 // Now has the > again. string original = Server.HtmlDecode(htmlEncoded); // 3 // This is how you can access the Server in any class. string alsoEncoded = HttpContext.Current.Server.HtmlEncode(text); // 4 StringWriter stringWriter = new StringWriter(); using (HtmlTextWriter writer = new HtmlTextWriter(stringWriter)) { // Write a DIV with encoded text. writer.RenderBeginTag(HtmlTextWriterTag.Div); writer.WriteEncodedText(text); writer.RenderEndTag(); } string html = stringWriter.ToString(); // 5 } }
1: Before encoding has occurred. String: you & me > them 2: The string is encoded for HTML. String: you &amp; me &gt; them 3: String is converted back from HTML. String: you & me > them 4: The string is encoded for HTML again. String: you &amp; me &gt; them 5: The HTML string is written into a DIV. Text: <div>you &amp; me &gt; them</div>
Notes. The WebUtility class is an effective way to encode HTML and URLs in programs. Call WebUtility.HtmlDecode and WebUtility.HtmlEncode on your strings.
Performance. I found Server.HtmlEncode and Server.HtmlDecode to be much faster than a home-grown version that used StringBuilder. Usually it is best to use the Framework methods.
StringBuilder
Summary. These methods provide reliable replacement of HTML characters. HtmlEncode and HtmlDecode also handle character entities. These are sequences that represent non-ASCII characters.
Dot Net Perls is a collection of tested code examples. Pages are continually updated to stay current, with code correctness a top priority.
Sam Allen is passionate about computer languages. In the past, his work has been recommended by Apple and Microsoft and he has studied computers at a selective university in the United States.
This page was last updated on Oct 10, 2023 (edit).
Home
Changes
© 2007-2024 Sam Allen.