This documentation is archived and is not being maintained.

BoundField::HtmlEncode Property

Updated: May 2011

Gets or sets a value indicating whether field values are HTML-encoded before they are displayed in a BoundField object.

Namespace:  System.Web.UI.WebControls
Assembly:  System.Web (in System.Web.dll)

public:
virtual property bool HtmlEncode {
	bool get ();
	void set (bool value);
}

Property Value

Type: System::Boolean
true if field values are HTML-encoded before they are displayed in a BoundField object; otherwise, false. The default is true.

Use the HtmlEncode property to specify whether field values are HTML-encoded to their respective string representations before they are displayed in a BoundField object. For example, if this property is true, the string "<script>" is rendered as "&lt;script&gt;". If this property is false, the string is rendered unchanged.

NoteNote:

HTML-encoding field values helps to prevent cross-site scripting attacks and malicious content from being displayed. This property should be enabled whenever possible.

The following code example demonstrates how to use the HtmlEncode property to prevent field values from being HTML-encoded before being displayed in a BoundField object.

No code example is currently available or this language may not be supported.

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0, 2.0

Date

History

Reason

May 2011

Added a sentence with an example of how a string is rendered.

Customer feedback.

Show: