Click below for Step by Step and Interview Q & A (dotnetinter) wrote,
Click below for Step by Step and Interview Q & A
dotnetinter

ASP.NET MVC interview questions series: - Explain HTML encoding in RAZOR and ASPX engine?

ASPX
In aspx view engine we have to explicitly encode our values in order to avoid xss attacks.


h1

Above code block will display following output

For encoding,

1.  We will use Encode method of Html helper class as follows.
h2
2.   New code expression syntax in MVC 4
h3

Now the output will be,

s2

RAZOR

Razor view engines has the automatic capability of encoding values. Look at the following example

h4

Output will be,

s3

It's nice but, what if we don't want encoding?

Output will be,

s4

How string is different from MvcHtmlString?

Example in ASPX

h6

Output for all three lines is going to be

s5

Example in Razor

h7

Output is going to be same.

That's it for today. Next time we will be back with something new. For technical live training on various topics like MVC, WCF, WPF, Design Patterns, BI, ALM with VSTS, HTML 5 visit www.sukesh-Marla.com

Also click and see the following ASP.NET MVC interview questions video on implementing forms authentication in MVC (Model View Controller) applications

Tags: asp.net mvc, asp.net mvc interview questions, aspx engine, csharp interview questions, html encoding, it interview questions with answers, programming interview questions, razor
Subscribe

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments