dotnet-api-docs
dotnet-api-docs copied to clipboard
dotnet
Two examples for each override of HtmlEncode incorrectly encode the (Space) character
Type of issue
Code doesn't work
Description
Two of the code examples given for HtmlEncode(String, Boolean) and for HtmlEncode(String, TextWriter) incorrectly encode the (Space) character.
| Code Example | Incorrect Encoding | Correct Encoding |
|---|---|---|
| alert('XSS Attack!'); | alert('XSS Attack!'); |
alert('XSS Attack!'); |
| "Anti-Cross Site Scripting Namespace" | "Anti-Cross Site Scripting Namespace" |
"Anti-Cross Site Scripting Namespace" |
Page URL
https://learn.microsoft.com/en-us/dotnet/api/system.web.security.antixss.antixssencoder.htmlencode?view=netframework-4.8
Content source URL
https://github.com/dotnet/dotnet-api-docs/blob/main/xml/System.Web.Security.AntiXss/AntiXssEncoder.xml
Document Version Independent Id
6789ad2b-05d7-e3fe-97b3-27e6ce8d971f
Article author
@Rick-Anderson
I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.
I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.
@gewarren where should this be reported. I'm surprised this hasn't been discovered before.
The following program shows it's not
HtmlEncodeing" "space.@gewarren where should this be reported. I'm surprised this hasn't been discovered before.
Maybe on DevComm? https://developercommunity.visualstudio.com/home
