0

So I'm in the process of converting over to the built in AntiXssEncoder now, but I've hit a snag. One of my applications made used of the HtmlAttributeEncode() and JavaScriptEncode() methods of the older Microsoft library. These seem to not be exposed in the built in one... so what am I supposed to do to replace that?

I can do without the Javascript one, but the attribute encode is used in several places.

Michael Hallock
  • 1,413
  • 1
  • 11
  • 17

1 Answers1

1

As long as you have converted to using the inbuilt AntiXssEncoder by setting the encoderType on the httpRuntime then this encoder will be used under the covers by things like HttpUtility which expose both HtmlAttributeEncode and JavaScriptStringEncode

Justin Mellor
  • 11
  • 1