
I want to format C# code in a grid cell. I want to apply italic style to the string strProjectDelivery, but it is not happening.

Below is the C# string.

strProjectResults = strProjectGoals + "" + strProjectDelivery;

I used the Server.HtmlEncode().

strProjectResults = strProjectGoals + Server.HtmlEncode("<i>"+ strProjectDelivery+"</i>");

And the string result is like this,

HighPriorityGoals&lt;i&gt;DeliveredOnTime&lt;/i&gt;

Even HtmlDecode is not working. Please let me know how to handle this.

Thanks in advance.


1 Answer


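The purpose of HTML encoding is to take arbitrary text and escape the HTML markup in it, so that it is treated as plain text.

HTML-escaping the <i> defeats your purpose.

Instead, you need to HTML-escape the content that you are building into the HTML.

You need to know whether each variable is treated as HTML or as text, or you will end up with XSS holes.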

answered 2013-07-18T16:49:16.387
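
The answer's point as an added example (not code from the question or the answer): the question's version, an unencoded version, and the version that encodes only the values, compared on the same input. It uses System.Net.WebUtility.HtmlEncode in place of Server.HtmlEncode so that it runs as a console program; the class and method names and the sample values are constructed, and it assumes the grid cell renders the string as HTML without encoding it again.

```csharp
using System;
using System.Net;

static class ProjectCellExample   // hypothetical name, for illustration only
{
    // The question's approach: the <i> tags are passed through the encoder
    // together with the value, so the tags show up as literal text in the cell.
    public static string EncodeMarkupAndValue(string goals, string delivery)
    {
        return goals + WebUtility.HtmlEncode("<i>" + delivery + "</i>");
    }

    // No encoding at all: italics work, but any markup inside the values is
    // rendered as live HTML. This is the XSS hole the answer warns about.
    public static string NoEncoding(string goals, string delivery)
    {
        return goals + "<i>" + delivery + "</i>";
    }

    // The answer's approach: every value is text and gets encoded;
    // the markup the developer writes is HTML and stays as it is.
    public static string EncodeValuesOnly(string goals, string delivery)
    {
        return WebUtility.HtmlEncode(goals)
             + "<i>" + WebUtility.HtmlEncode(delivery) + "</i>";
    }

    static void Main()
    {
        // Constructed sample values; the second one contains characters
        // that are significant in HTML.
        string strProjectGoals = "HighPriorityGoals";
        string strProjectDelivery = "Delivered <b>early</b> & under budget";

        Console.WriteLine("Markup encoded with value: "
            + EncodeMarkupAndValue(strProjectGoals, strProjectDelivery));
        Console.WriteLine("Nothing encoded:           "
            + NoEncoding(strProjectGoals, strProjectDelivery));
        Console.WriteLine("Values encoded only:       "
            + EncodeValuesOnly(strProjectGoals, strProjectDelivery));
    }
}
```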