如何过滤掉HTML代码啊!(在线等)
请问如何过滤掉危险的HTML代码啊
我用了
str=str.Replace( " < ", "< ");
str=str.Replace( "> ", "> ");
存入数据库的也是对的,可是只要我一加字母就报错
就是说输入 " < "存入数据库的是 "< ",可是只要写成 " <br "就报错
怎么弄啊?
[解决办法]
MSDN上的例子
那两个方法是可以实现的你需求的
using System;
using System.Web;
using System.IO;
class MyNewClass
{
public static void Main()
{
String myString;
Console.WriteLine( "Enter a string having '& ' or '\ " ' in it: ");
myString=Console.ReadLine();
String myEncodedString;
// Encode the string.
myEncodedString = HttpUtility.HtmlEncode(myString);
Console.WriteLine( "HTML Encoded string is "+myEncodedString);
StringWriter myWriter = new StringWriter();
// Decode the encoded string.
HttpUtility.HtmlDecode(myEncodedString, myWriter);
Console.Write( "Decoded string of the above encoded string is "+
myWriter.ToString());
}
}
