HttpEncoder::HtmlEncode Method (String^, TextWriter^)

.NET Framework (current version)

Encodes a string into an HTML-encoded string.

Namespace:   System.Web.Util
Assembly:  System.Web (in System.Web.dll)

public protected:
virtual void HtmlEncode(
	String^ value,
	TextWriter^ output


Type: System::String^

The string to encode.

Type: System.IO::TextWriter^

The text writer to write the encoded value to.

Exception Condition

output is null.

The following table lists the character sequences that the ASP.NET encoding logic can decode.


Encoded as

< (left angle bracket)


> (right angle bracket)


" (double quotation marks)


& (ampersand)


\ (backslash)


ASCII characters from 160 to 255

&#NNN;, where NNN is the three-digit decimal character code

If you override the HtmlEncode method, you must produce output that is also safe within double-quoted or single-quoted HTML attributes. This accommodates parsing by the Razor engine, where markup and code can be combined, such as <tag attr="@value">. In addition, the @ operator is not context-aware when processed by the Razor engine, therefore it calls HtmlEncode rather than HtmlAttributeEncode.

.NET Framework
Available since 4.0
Return to top