Why the HtmlEncode doesn't encode this char?
Question
This is the code :
Response.Write("asd1 X : " + HttpUtility.HtmlEncode("×"));
Response.Write("asd2 X : " + HttpUtility.HtmlEncode("✖"));
The fist one is :
asd1 X : × // OK, ENCODED AS HTML ENTITIES
the second no, just ✖ :
asd2 X : ✖
which kind of char is that? Also, if I try here the result is :
asd1 X : ×
asd2 X : ✖
What?? Why this differences?
2 answers
solution1
7 2012-06-19 16:06:25
In the MSDN page for HttpUtility.HtmlEncode(string) , you will find this comment:
It encodes all character codes from decimal 160 to 255 (both inclusive) to their numerical entity (eg
 )
× ( × ) is the same as × / × on my computer, so will get encoded, but since ✖ is ✖ / ✖ , it will not be.
You can use the overload of HtmlEncode that takes a TextWriter based on the wanted Encoding.
solution2
2 ACCPTED 2012-06-19 16:06:58
My best guest is that not all strings has a entity representation. The Heavy multiplication X is just one of the many that don't.
To elaborate Oded's link, HttpUtility.HtmlEncode only encodes characters in ISO 8859-1 (Latin-1) . Since the Heavy Multiplication X is out of this range, the function doesn't handle it.
If you try Microsoft.Security.Application.AntiXss.HtmlEncode("✖"); , you'll get the HTML entity in ✖ .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.