Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I want to use Microsofts WPL AntiXSS Library as default HTTPEncoder as described at haacked but this documentation is for WPL 3.1 and I’ve read that there is a change regarding HTTPEncoder with latest WPL 4.0. What is the best way to implement it so that all input fields are automatically encoded?
Thanks!
The most inportant change in this context seems to be that if you pass a null as the value for encoding function the function will return null (previous behavior was to return String.Empty). The System.IO.TextWriter will handle nulls properly, so everything should work as expected.