dotnet-issue-labeler[bot]
commented
1 month ago I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.
Open JeffSchwandt opened 1 month ago
dotnet-issue-labeler[bot]
commented
1 month ago I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.
dotnet-issue-labeler[bot]
commented
1 month ago I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.
Rick-Anderson
commented
1 month ago @gewarren where should this be reported. I'm surprised this hasn't been discovered before.
gewarren
commented
1 month ago The following program shows it's not
HtmlEncodeing" "space.@gewarren where should this be reported. I'm surprised this hasn't been discovered before.
Maybe on DevComm? https://developercommunity.visualstudio.com/home
Rick-Anderson
commented
1 month ago Reported here
Type of issue
Code doesn't work
Description
Two of the code examples given for HtmlEncode(String, Boolean) and for HtmlEncode(String, TextWriter) incorrectly encode the (Space) character.
alert('XSS Attack!');alert('XSS Attack!');"Anti-Cross Site Scripting Namespace""Anti-Cross Site Scripting Namespace"Page URL
https://learn.microsoft.com/en-us/dotnet/api/system.web.security.antixss.antixssencoder.htmlencode?view=netframework-4.8
Content source URL
https://github.com/dotnet/dotnet-api-docs/blob/main/xml/System.Web.Security.AntiXss/AntiXssEncoder.xml
Document Version Independent Id
6789ad2b-05d7-e3fe-97b3-27e6ce8d971f
Article author
@Rick-Anderson