Open JeffSchwandt opened 1 month ago
I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.
I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.
@gewarren where should this be reported. I'm surprised this hasn't been discovered before.
The following program shows it's not
HtmlEncode
ing" "
space.@gewarren where should this be reported. I'm surprised this hasn't been discovered before.
Maybe on DevComm? https://developercommunity.visualstudio.com/home
Reported here
Type of issue
Code doesn't work
Description
Two of the code examples given for HtmlEncode(String, Boolean) and for HtmlEncode(String, TextWriter) incorrectly encode the (Space) character.
alert('XSS Attack!');
alert('XSS Attack!');
"Anti-Cross Site Scripting Namespace"
"Anti-Cross Site Scripting Namespace"
Page URL
https://learn.microsoft.com/en-us/dotnet/api/system.web.security.antixss.antixssencoder.htmlencode?view=netframework-4.8
Content source URL
https://github.com/dotnet/dotnet-api-docs/blob/main/xml/System.Web.Security.AntiXss/AntiXssEncoder.xml
Document Version Independent Id
6789ad2b-05d7-e3fe-97b3-27e6ce8d971f
Article author
@Rick-Anderson