?

Log in

No account? Create an account

Previous Entry | Next Entry

ASPX
In aspx view engine we have to explicitly encode our values in order to avoid xss attacks.


h1

Above code block will display following output

For encoding,

1.  We will use Encode method of Html helper class as follows.
h2
2.   New code expression syntax in MVC 4
h3

Now the output will be,

s2

RAZOR

Razor view engines has the automatic capability of encoding values. Look at the following example

h4

Output will be,

s3

It's nice but, what if we don't want encoding?

Output will be,

s4

How string is different from MvcHtmlString?

Example in ASPX

h6

Output for all three lines is going to be

s5

Example in Razor

h7

Output is going to be same.

That's it for today. Next time we will be back with something new. For technical live training on various topics like MVC, WCF, WPF, Design Patterns, BI, ALM with VSTS, HTML 5 visit www.sukesh-Marla.com

Also click and see the following ASP.NET MVC interview questions video on implementing forms authentication in MVC (Model View Controller) applications

Copy right www.questpond.com

Tags

Latest Month

September 2017
S M T W T F S
     12
3456789
10111213141516
17181920212223
24252627282930
Powered by LiveJournal.com