This project is read-only.
3

Closed

AntiXss not encoding

description

Hi,
 
I am using the latest v4.0. I have:
 
Closed Jun 3, 2014 at 1:48 AM by bdorrans

comments

bdorrans wrote Apr 2, 2011 at 4:34 AM

AntiXSS's HTML encode doesn't encode apostrophes by default, unlike the .NET encoder which started doing this in 4.0 - the HTML spec says it doesn't have to, but, if you use HtmlEncode where you should use HtmlAttributeEncode then this can be a problem. This will be fixed in the next release so the HtmlEncode will encode apostrophes.

wrote Sep 29, 2011 at 6:59 PM

wrote Jun 8, 2012 at 2:07 PM

wrote Feb 22, 2013 at 1:07 AM

wrote Jun 3, 2014 at 1:48 AM

wrote Jun 3, 2014 at 1:48 AM