[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1051
  • Last Modified:

How can I verify Server.HtmlEncode is working?

I have started using Server.HtmlEncode to add some kind of security to my little apps.  They work fine with it, but I want to verify it's actually encoding so I can show the boss.  Is there a way to get the encoded output of a field?

For example, if I have the code below.  I want to see the encoded text just so I know it's encoding properly.
lbl1.Text = Server.HtmlEncode(txt1.Text);

Open in new window

0
mrcoulson
Asked:
mrcoulson
  • 3
  • 3
1 Solution
 
GiftsonDJohnCommented:
Hi,

It is very simple. Have a multiline textbox, a Label and a Button controls. Copy html code from any webpage. Paste it in the multi line text box. Write the code below on a button click event.

Label1.Text=Server.HtmlEncode(TextBox1.Text);

It should display the actual html code in the Label. If you remove the Server.HtmlEncode methos, the contents will render and display as formatted.
0
 
Anurag ThakurCommented:
put in some special symbols in the text box like < > &
encode will convert them to > < &amp; and if encoding is not working then everything will remain the same
0
 
mrcoulsonAuthor Commented:
Let's see.

When I do GiftsonDJohn's suggestion, I get the desired result of a bunch of unparsed code instead of rendered HTML.

When I do ragi's suggestion, the & stays as an &.  

http://www.co.frederick.va.us/apps/email_form/WebForm1.aspx

Jeremy
protected void btn1_Click(object sender, EventArgs e)
        {
            lbl1.Text = Server.HtmlEncode(txt1.Text);
            lbl2.Text = Server.HtmlDecode(lbl1.Text);
        }

Open in new window

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Anurag ThakurCommented:
as far as i remember encoding and decoding is not used to display text on the forms
its normally used to when we have to pass the data from the server side to the database or to the remote business object for processing
0
 
mrcoulsonAuthor Commented:
Right.  I just want to verify.  I want a visual way to say, "See?  It works!  Now, I'm the hero."

Jeremy
0
 
Anurag ThakurCommented:
you could have shown that in the database too or by saving the encoded string in a text file
anyways good luck - i hope you have got your solution
0
 
mrcoulsonAuthor Commented:
Well, what GiftsonDJohn said makes sense to me, so in the interest of not leaving a question out here too long, he gets it.  

Jeremy
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now