decode method

Feb 6, 2009 at 9:32 AM

I konw AntiXSS library always doesn't include decode method/function.
Would you mind I am asking the reason, please?

Thank you
Feb 6, 2009 at 4:16 PM

Hi Jawc,

RV has expressed the answer best:

Anti-XSS library was created to provide protection against Cross Site Scripting vulnerability (XSS), which requires encoding the output. Thus only encoding methods are present in Anti-XSS library. Additionally decoding methods are already provided by .NET Framework’s HttpServerUtility Class. HttpServerUtility.HtmlDecode and HttpServerUtility.UrlDecode provide the decoding functionality.