HttpUtility..::.HtmlEncode Method (String)

.NET Framework Class Library

Converts a string to an HTML-encoded string.

Namespace:  System.Web
Assembly:  System.Web (in System.Web.dll)

 Syntax

Visual Basic (Declaration)

Public Shared Function HtmlEncode ( _
    s As String _
) As String

Visual Basic (Usage)

Dim s As String
Dim returnValue As String

returnValue = HttpUtility.HtmlEncode(s)

C#

public static string HtmlEncode(
    string s
)

Visual C++

public:
static String^ HtmlEncode(
    String^ s
)

JScript

public static function HtmlEncode(
    s : String
) : String

Parameters

s

Type: System..::.String
The string to encode.

Return Value

Type: System..::.String
An encoded string.

 Remarks

If characters such as blanks and punctuation are passed in an HTTP stream, they might be misinterpreted at the receiving end. HTML encoding converts characters that are not allowed in HTML into character-entity equivalents; HTML decoding reverses the encoding. For example, when embedded in a block of text, the characters < and > are encoded as &lt; and &gt; for HTTP transmission.

 Examples

The following code example demonstrates the HtmlEncode and HtmlDecode methods of the HttpUtility class. The input string is encoded using the HtmlEncode method. The encoded string obtained is then decoded using the HtmlDecode method.

Visual Basic

Imports System
Imports System.Web
Imports System.IO

Class MyNewClass
   Public Shared Sub Main()
      Dim myString As String
      Console.WriteLine("Enter a string having '&' or '""'  in it: ")
      myString = Console.ReadLine()
      Dim myEncodedString As String
      ' Encode the string.
      myEncodedString = HttpUtility.HtmlEncode(myString)
      Console.WriteLine("HTML Encoded string is " + myEncodedString)
      Dim myWriter As New StringWriter()
      ' Decode the encoded string.
      HttpUtility.HtmlDecode(myEncodedString, myWriter)
      Console.Write("Decoded string of the above encoded string is " + myWriter.ToString())
   End Sub 'Main
End Class 'MyNewClass

C#

using System;
using System.Web;
using System.IO;

   class MyNewClass
   {
      public static void Main()
      {
         String myString;
         Console.WriteLine("Enter a string having '&' or '\"'  in it: ");
         myString=Console.ReadLine();
         String myEncodedString;
         // Encode the string.
         myEncodedString = HttpUtility.HtmlEncode(myString);
         Console.WriteLine("HTML Encoded string is "+myEncodedString);
         StringWriter myWriter = new StringWriter();
         // Decode the encoded string.
         HttpUtility.HtmlDecode(myEncodedString, myWriter);
         Console.Write("Decoded string of the above encoded string is "+
                        myWriter.ToString());
      }
   }

 Platforms

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

 Version Information

.NET Framework

Supported in: 3.5, 3.0, 2.0, 1.1, 1.0

 See Also

Reference

HttpUtility Class

HttpUtility Members

HtmlEncode Overload

System.Web Namespace

HtmlDecode

Other Resources

How to: Protect Against Script Exploits in a Web Application by Applying HTML Encoding to Strings