HttpEncoder.HtmlEncode Method (String, TextWriter)

.NET Framework (current version)

Encodes a string into an HTML-encoded string.

Namespace:   System.Web.Util
Assembly:  System.Web (in System.Web.dll)

protected internal virtual void HtmlEncode(
	string value,
	TextWriter output


Type: System.String

The string to encode.

Type: System.IO.TextWriter

The text writer to write the encoded value to.

Exception Condition

output is null.

The following table lists the character sequences that the ASP.NET encoding logic can decode.


Encoded as

< (left angle bracket)


> (right angle bracket)


" (double quotation marks)


& (ampersand)


\ (backslash)


ASCII characters from 160 to 255

&#NNN;, where NNN is the three-digit decimal character code

If you override the HtmlEncode method, you must produce output that is also safe within double-quoted or single-quoted HTML attributes. This accommodates parsing by the Razor engine, where markup and code can be combined, such as <tag attr="@value">. In addition, the @ operator is not context-aware when processed by the Razor engine, therefore it calls HtmlEncode rather than HtmlAttributeEncode.

.NET Framework
Available since 4.0
Return to top