Escape text for HTML

Time: 2009-06-17 05:31:22

Tags: c# html escaping

How do I escape text for HTML use in C#? I want to do

sample="<span>blah<span>"

and have

<span>blah<span>

show up as plain text instead of blah only, with the tags part of the HTML :(. Using C#, not ASP

9 answers:

Answer 0: (score: 173)

using System.Web;

var encoded = HttpUtility.HtmlEncode(unencoded);

Answer 1: (score: 79)

Also, if you don't want to use the System.Web assembly, you can use this:

var encoded = System.Security.SecurityElement.Escape(unencoded);

According to this article, the difference between System.Security.SecurityElement.Escape() and System.Web.HttpUtility.HtmlEncode() is that the former also encodes the apostrophe (') character.

Answer 2: (score: 42)

If you're using .NET 4 or above and you don't want to reference System.Web, you can use WebUtility.HtmlEncode from System

var encoded = WebUtility.HtmlEncode(unencoded);

This has the same effect as HttpUtility.HtmlEncode and should be preferred over System.Security.SecurityElement.Escape

Answer 3: (score: 19)

Nobody has mentioned yet that in ASP.NET 4.0 there is new syntax to do this. Instead of

<%= HttpUtility.HtmlEncode(unencoded) %>

you can simply do

<%: unencoded %>

Read more here: http://weblogs.asp.net/scottgu/archive/2010/04/06/new-lt-gt-syntax-for-html-encoding-output-in-asp-net-4-and-asp-net-mvc-2.aspx

Answer 4: (score: 5)

You can use the actual HTML tags <xmp></xmp> to output the string literally, showing all of the tags between the xmp tags.

Or you can also use Server.UrlEncode or HttpUtility.HtmlEncode on the server.

Answer 5: (score: 5)

.NET 4.0 and above:

using System.Web.Security.AntiXss;
//...
var encoded = AntiXssEncoder.HtmlEncode("input", useNamedEntities: true);

Answer 6: (score: 1)

Didn't see this here

System.Web.HttpUtility.JavaScriptStringEncode("Hello, this is Satan's Site")

It was the only thing that worked (asp 4.0+) when dealing with html like this. The &apos; gets rendered as ' (using htmldecode) in the html, causing it to fail:

<a href="article.aspx?id=268" onclick="tabs.open('modules/xxx/id/268', 'It&apos;s Allstars'); return false;">It's Allstars</a>
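
The nested-context problem this answer runs into, as an added example that is not part of the original answer: the title sits in a JavaScript string inside an HTML attribute, so it is JavaScript-encoded first and the finished handler is HTML-encoded second. BuildLink and the sample values are hypothetical; the encoder calls are the ones named on this page (on .NET Framework, reference the System.Web assembly).

```csharp
using System;
using System.Net;   // WebUtility.HtmlEncode
using System.Web;   // HttpUtility.JavaScriptStringEncode

static class OnclickLinkDemo
{
    // Hypothetical helper (not from the answer): rebuilds the answer's <a> element
    // with each value encoded for the context it ends up in.
    static string BuildLink(string url, string tabPath, string title)
    {
        // Step 1: innermost context, single-quoted JavaScript string literals.
        string js = "tabs.open('" + HttpUtility.JavaScriptStringEncode(tabPath) + "', '"
                  + HttpUtility.JavaScriptStringEncode(title) + "'); return false;";

        // Step 2: outer context, double-quoted HTML attribute values.
        // The HTML parser decodes entities before the handler runs, so this
        // layer only has to keep the attribute itself intact.
        return "<a href=\"" + WebUtility.HtmlEncode(url) + "\" onclick=\""
             + WebUtility.HtmlEncode(js) + "\">"
             + WebUtility.HtmlEncode(title) + "</a>";   // Step 3: element text
    }

    static void Main()
    {
        // Constructed sample value modelled on the answer's markup.
        string title = "It's Allstars";

        // HTML-encoding alone: the apostrophe becomes an entity, the browser
        // decodes it back to ' before running the handler, and the JavaScript
        // string literal ends early.
        string htmlOnly =
            "<a href=\"article.aspx?id=268\" onclick=\"tabs.open('modules/xxx/id/268', '"
            + WebUtility.HtmlEncode(title) + "'); return false;\">"
            + WebUtility.HtmlEncode(title) + "</a>";

        Console.WriteLine("HTML-encoded only:");
        Console.WriteLine(htmlOnly);
        Console.WriteLine("JavaScript-encoded, then HTML-encoded:");
        Console.WriteLine(BuildLink("article.aspx?id=268", "modules/xxx/id/268", title));
    }
}
```
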

Answer 7: (score: 0)

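There are some special quote characters that are not removed by HtmlEncode and will not be displayed correctly in Edge or IE, like “ and ”. You can extend it by replacing these characters with something like the function below.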

public function getDetails($paramBasicDetails = FALSE)
{
    $itemData = $this->getDataFromDatabaseById($this->elementId);

    if(!is_null($itemData))
    {
        $image1_Folder = $itemData['demo_image_1'] == 1 ? $GLOBALS['NRS_DEMO_GALLERY_URL'] : $GLOBALS['NRS_GALLERY_URL'];
        $image2_Folder = $itemData['demo_image_2'] == 1 ? $GLOBALS['NRS_DEMO_GALLERY_URL'] : $GLOBALS['NRS_GALLERY_URL'];
        $image3_Folder = $itemData['demo_image_3'] == 1 ? $GLOBALS['NRS_DEMO_GALLERY_URL'] : $GLOBALS['NRS_GALLERY_URL'];

        // Extend $item with additional details
        $itemData['item_description_page_url'] = $itemData['item_description_page_id'] != 0 ? get_permalink($itemData['item_description_page_id']) : "";
        $itemData['manufacturer_title'] = $this->getManufacturerTitle($itemData['manufacturer_id']);
        $itemData['body_type_title'] = $this->getBodyTypeTitle($itemData['body_type_id']);
        $itemData['fuel_type_title'] = $this->getFuelTypeTitle($itemData['fuel_type_id']);
        $itemData['transmission_type_title'] = $this->getTransmissionTypeTitle($itemData['transmission_type_id']);

        $itemData['mini_thumb_url'] = $itemData['item_image_1'] != "" ? $image1_Folder."mini_thumb_".$itemData['item_image_1'] : "";
        $itemData['thumb_url'] = $itemData['item_image_1'] != "" ? $image1_Folder."thumb_".$itemData['item_image_1'] : "";
        $itemData['big_thumb_url'] = $itemData['item_image_1'] != "" ? $image1_Folder."big_thumb_".$itemData['item_image_1'] : "";
        $itemData['image_url'] = $itemData['item_image_1'] != "" ? $image1_Folder.$itemData['item_image_1'] : "";

        $itemData['mini_thumb_2_url'] = $itemData['item_image_2'] != "" ? $image2_Folder."mini_thumb_".$itemData['item_image_2'] : "";
        $itemData['thumb_2_url'] = $itemData['item_image_2'] != "" ? $image2_Folder."thumb_".$itemData['item_image_2'] : "";
        $itemData['big_thumb_2_url'] = $itemData['item_image_2'] != "" ? $image2_Folder."big_thumb_".$itemData['item_image_2'] : "";
        $itemData['image_2_url'] = $itemData['item_image_2'] != "" ? $image2_Folder.$itemData['item_image_2'] : "";

        $itemData['mini_thumb_3_url'] = $itemData['item_image_3'] != "" ? $image3_Folder."mini_thumb_".$itemData['item_image_3'] : "";
        $itemData['thumb_3_url'] = $itemData['item_image_3'] != "" ? $image3_Folder."thumb_".$itemData['item_image_3'] : "";
        $itemData['big_thumb_3_url'] = $itemData['item_image_3'] != "" ? $image3_Folder."big_thumb_".$itemData['item_image_3'] : "";
        $itemData['image_3_url'] = $itemData['item_image_3'] != "" ? $image3_Folder.$itemData['item_image_3'] : "";

        $itemData['print_mileage'] = $itemData['mileage'] == "" ? $this->lang->getText('NRS_UNLIMITED_TEXT') : $itemData['mileage']."".$this->measurementUnit;
        if($paramBasicDetails == FALSE)
        {
            $itemData['print_features_for_list'] = $this->getSelectedFeatures($itemData['item_id'], TRUE);
            $itemData['print_features'] = $this->getSelectedFeatures($itemData['item_id']);
        }

        // Show or hide fields
        $itemData['show_manufacturer'] = $itemData['manufacturer_id'] > 0 && $itemData['manufacturer_title'] != "" ? TRUE : FALSE;
        $itemData['show_model_name'] = TRUE; // Always true - this field is mandatory
        $itemData['show_body_type'] = $itemData['body_type_id'] > 0 && $itemData['body_type_title'] != "" ? TRUE : FALSE;
        $itemData['show_transmission_type'] =$itemData['transmission_type_id'] > 0 && $itemData['transmission_type_title'] != "" ? TRUE : FALSE;
        $itemData['show_fuel_type'] = $itemData['fuel_type_id'] > 0 && $itemData['fuel_type_title'] != "" ? TRUE : FALSE;
        $itemData['show_fuel_consumption'] = $itemData['fuel_consumption'] != "" ? TRUE : FALSE;
        $itemData['show_max_passengers'] = $itemData['max_passengers'] > 0 ? TRUE : FALSE;

        $itemData['show_engine_capacity'] = $itemData['engine_capacity'] != "" ? TRUE : FALSE;
        $itemData['show_max_luggage'] = $itemData['max_luggage'] > 0 ? TRUE : FALSE;
        $itemData['show_item_doors'] = $itemData['item_doors'] > 0 ? TRUE : FALSE;
        $itemData['show_min_driver_age'] = $itemData['min_driver_age'] > 0 ? TRUE : FALSE;

        $itemData['show_mileage'] = $itemData['mileage'] > 0 || $itemData['mileage'] == "" ? TRUE : FALSE;
    }

    return $itemData;
}

Answer 8: (score: 0)

For those in the future looking for a simple way to do this in Razor pages, use the following:

In .cshtml:

@Html.Raw(Html.Encode("<span>blah<span>"))

In .cshtml.cs:

string rawHtml = Html.Raw(Html.Encode("<span>blah<span>"));