Ok, we had a problem come up today at work. It is a strange one that I never would have even thought to try.
<form id="form1" runat="server" method="post" action="Default.aspx?id=<%= ID %>" >
Ok, it is very ugly and I wouldn't have ever tried it myself. It came up in some code that was written years ago but had been working up until this weekend after a bunch of updates were installed on a client's web server where the code is hosted.
The actual result of this is the following html:
<form name="form1" method="post" action="Default.aspx?id=<%= ID %>" id="form1">
The url ends up like this:
http://localhost:6735/Default.aspx?id=<%= ID %>
Which as you can see, demonstrates that the "<" symbol is being encoded before ASP.NET actually processes the page. It seems strange to me as I thought that even though it is not pretty by any means, it should work. I'm confused.
To make matters worse, the client insists that it is a bug in IE since it appears to work in Firefox. In fact, it is broken in Firefox as well, except for some reason Firefox treats it as a 0.
Any ideas on why this happens and how to fix it easily? Everything I try to render within the server control ends up getting escaped.
Edit
Ok, I found a "fix"
<form id="form1" runat="server" method="post" action='<%# String.Format("Default.aspx?id={0}", 5) %>' >
But that requires me to call DataBind which is adding more of a hack to the original hack. Guess if nobody thinks of anything else I'll have to go with that.