1

Basically a dup of this question using php, but I need it for C#.

I need to be able to replace any & that is not currently not any HTML entity (e.g. &) before outputting to screen. I was thinking a regex, but I'm not sure if .Net has something built in that will do this.

Community
  • 1
  • 1
Eddie
  • 5,050
  • 8
  • 37
  • 46
  • So you have a string with mixed HTML and non-HTML text? You should go closer to the source and clean it up before it gets mixed up in the string in the first place. – Guffa Apr 27 '10 at 17:29
  • Ya, I'm trying to get a quick fix to solve a problem in which I can then come back and fix the real problem which deals with how the string is being made. Fixing the real problem is going to take some time though. – Eddie Apr 27 '10 at 17:32
  • I've created the a function to encode & and ' without messing up with already encoded & or ' or " . Check the following link [http://stackoverflow.com/a/21317732/2123134](http://stackoverflow.com/a/21317732/2123134) – Amitabh Jan 23 '14 at 19:40

3 Answers3

2

You can use HttpUtility.HtmlEncode.
Whithing the context of a page or UserControl, you can use Server.HtmlEncode.

Kobi
  • 135,331
  • 41
  • 252
  • 292
2

Better AntiXss.HtmlEncode, prevents XSS.

Community
  • 1
  • 1
KMån
  • 9,896
  • 2
  • 31
  • 41
1

You could always HTML Decode the string (which would turn any HTML symbols into their display equivalents), replace any &'s, and then Encode the string again (which turns the symbols back into what they were originally). You might need to watch for side effects though.

Tejs
  • 40,736
  • 10
  • 68
  • 86
  • Wouldn't that get rid of ampersands that were encoded by &? – Jonas Apr 27 '10 at 17:28
  • Yup - which is why you would want to test this solution a bit. My response to that issue would be to replace & with some special symbol unlikely to be used (like (char)1), decode, replace, encode, and then replace (char)1 with &. – Tejs Apr 27 '10 at 17:34
  • in your example why not just replace all & with & then all & with & Why bother with another string – corymathews Apr 27 '10 at 17:46
  • Seems like a decode/encode cycle would take care of it without having to replace amperstands. Decode would transform already encoded characters back to plain text, and encoding would reverse it while also handling characters that weren't properly encoded before. – Anthony Pegram Apr 27 '10 at 17:47
  • @cory, your idea would make " => " – Anthony Pegram Apr 27 '10 at 17:49