?

Log in

Previous Entry | Next Entry

ASPX
In aspx view engine we have to explicitly encode our values in order to avoid xss attacks.


h1

Above code block will display following output

For encoding,

1.  We will use Encode method of Html helper class as follows.
h2
2.   New code expression syntax in MVC 4
h3

Now the output will be,

s2

RAZOR

Razor view engines has the automatic capability of encoding values. Look at the following example

h4

Output will be,

s3

It's nice but, what if we don't want encoding?

Output will be,

s4

How string is different from MvcHtmlString?

Example in ASPX

h6

Output for all three lines is going to be

s5

Example in Razor

h7

Output is going to be same.

That's it for today. Next time we will be back with something new. For technical live training on various topics like MVC, WCF, WPF, Design Patterns, BI, ALM with VSTS, HTML 5 visit www.sukesh-Marla.com

Also click and see the following ASP.NET MVC interview questions video on implementing forms authentication in MVC (Model View Controller) applications

Copy right www.questpond.com

Buy 600+ Real Time Interview Videos

Call +91-22-66752917 or mail us on questpond@questpond.com for more details on C#, .NET, ASP.NET, SQL Server interview question videos.

SQL Server interview question videos

Latest Month

March 2017
S M T W T F S
   1234
567891011
12131415161718
19202122232425
262728293031 

Tags

Powered by LiveJournal.com