I have trouble with an ASP.NET 4.5 webforms application and the new <%#: syntax to do automatic HTML encoding.
I have a formview like this:
<asp:FormView runat="server" ID="FormViewCompany" ItemType="FormViewEncoding.Model.Company" DefaultMode="ReadOnly"
SelectMethod="Select">
<ItemTemplate>
<em>Company</em>
<br/><br/>
<asp:Label runat="server" ID="lblName" Text="Name" Width="200px"/>
<asp:TextBox runat="server" ID="tbxName" Text="<%#: Item.Name %>" Width="600px" />
<br/>
<asp:Label runat="server" ID="lblAddress" Text="Address" Width="200px"/>
<asp:TextBox runat="server" ID="tbxAddress" Text="<%#: Item.Address %>" Width="600px" />
<br/>
<asp:Label runat="server" ID="lblZipAndCity" Text="Zip/City" Width="200px"/>
<asp:TextBox runat="server" ID="tbxZip" Text="<%#: Item.ZipCode %>" Width="75px" />
<asp:TextBox runat="server" ID="tbxCity" Text="<%#: Item.City %>" Width="525px"/>
<br/>
</ItemTemplate>
</asp:FormView>
and when I load a company with German umlauts in its name and address from my SQL Server database (simplified to just return a new instance of an object here):
public class Company
{
public string Name { get; set; }
public string Address { get; set; }
public string ZipCode { get; set; }
public string City { get; set; }
}
public Company Select()
{
return new Company
{
Name = "Müller & Söhne AG",
Address = "Haupstrasse 14",
ZipCode = "5600",
City = "Münchenstein"
};
}
I get this output which is NOT good!
WHY are the German umlauts like ü encoded into #252; ??
This makes no sense to me..... I was hoping to use the new <%#: data binding syntax to do automatic HTML encoding to prevent inadvertently rendering any malicious code - but if all German umlauts get "mangled" in the process, too, I get absolutely not use that feature which is really a pity!
