Disadvantage of HttpUtility.HtmlAttributeEncode

Posted by vinay_rockin on Stack Overflow See other posts from Stack Overflow or by vinay_rockin
Published on 2010-03-17T14:56:16Z Indexed on 2010/03/17 15:01 UTC
Read the original article Hit count: 394

Filed under:
|
|

I have to encode a field so to make it secure of script injection.

I know I can use HttpUtility.HtmlEncode and Decode, but this method for HI-ASCII characters goes out of the range of the field size in database and I dont want to change the size of data field column.

Instead if I use HttpUtility.HtmlAttributeEncode, it works fine because it does not encode the HI-ASCII characters.

Is it safe what can be the disadvantages of it.

© Stack Overflow or respective owner

Related posts about .NET

Related posts about c#