Fixing Cross-site Scripting in ASP.NET
The HtmlEncode() method can be used when displaying text directly inside HTML tags using block:
<% = Microsoft.Security.Application.AntiXss.HtmlEncode(this.txtName.Text) %>
The HtmlEncode() method can be used when displaying text directly inside HTML tags using block:
<% = Microsoft.Security.Application.AntiXss.HtmlEncode(this.txtName.Text) %>
One thought on “Fixing Cross-site Scripting in ASP.NET”