Server.HtmlEncode vs Encoder.HtmlEncode

Question

I have the below code in my MVC application.

 text = Server.HtmlEncode(text);
 text=Encoder.HtmlEncode(text);

what is the difference will do if I use AntiXSS library here?

I passed the value <script>alert("strek")</script>

to the variable text it returns the same output for both the cases. Where it will make difference?

score 0 · Answer 1 · edited May 23 '17 at 10:28

0

As seen here, Server.HtmlEncode(text) uses a instance of System.Web.HttpServerUtility while AntiXSS' Encoder.HtmlEncode(text) is static.

edited May 23 '17 at 10:28

Community

answered May 10 '16 at 05:32

diiN__________

will it make any difference in the output? – Tom Cruise May 10 '16 at 05:42
I don't think so but I would advise using the static version. – diiN__________ May 10 '16 at 05:45

1 Answers1