ASP.NET MVC2 -- How is Html.Encode() used?

How is Html.Encode() used? What is its purpose, and how is it useful?

Solution

It HTML encodes the passed it text - this escapes things to avoid certain types of attacks, such as XSS.

For example:

Html.Encode("<script>alert('hi');</alert>")

Will result in:

&lt;script&gt;alert('hi');&lt;/script&gt;

Being output to the page. This ensures that the script will not run.

Attaching to click event (with jQuery) on submit button kills submission function
Route matching with GetVirtualPath
Entity Framework 4 - Calling a Select / Paging Stored Procedure
Paging more than one collection on a single page in asp.net mvc
C# MVC2 Jqgrid - what is the correct way to do server side paging?
ModelState.AddModelError - How can I add an error that isn't for a property?
passing action method parameter to ActionFilterAttribute in asp.net mvc
How do I use Request.RequestUri.Query in .NET? (Error 11 'System.Web.HttpRequestBase' does not contain a definition for 'RequestUri')
Handling FileContentResult when file is not found
Global.asax Exception Handling and HTTP Error Codes
Can I get the controller from the HttpContext?
Percentage calculation
.NET Presentation Tier Architecture / Blueprint for Line of Business Systems
Check for the option label string
if(ModelState.IsValid) doesn't work with FormsCollection. What to use instead?
Bind CheckBoxFor to bool?
MVC controller is being called twice
Mvc 5 pagination using view model
MVC and EditorFor width
Pass collection of enums to ASP.NET MVC ActionMethod
Can't load a DropDownList with values
The IControllerFactory ... did not return a controller for the name 'Rss'
Getting index value on razor foreach
Extra If Statements Or Repetative Code in C#
ASP.Net MVC - Sending an object from controller to view to controller
Proper way of building MVC ActionLink
ambiguous reference
Asp.net MVC validation for non-strings
How does AntiForgeryToken work?
MVC 2.0 Post Form to action instead of redirect to action