Skip to content Skip to sidebar Skip to footer
Home / C# / Formatting / Html / Quotes

Dealing With Nested Quotes In Html Generated From C#

Post a Comment
i am using a 3rd party library to show tooltips, like so: string tooltip = 'test'; output.Write('onmouseover='Tip(\'' + test + '\');''); // work fine :) i'm having problem with s

Solution 1:

Replace any instance of " with " as follows:

test.Replace( "\"", """ )

Solution 2:

This is the perfect use for the Microsoft Anti-Xss Library

With it, you call the JavaScriptEncode function, which will build a string like this:

Microsoft.Security.Application.AntiXss.JavaScriptEncode("ab'c\"d")
// 'ab\x27c\x22d'

Notice that it includes the quotes.

You would take that, HTML encode it, and plop it directly into your parenthesis.

Something like this:

string tooltip ="<span style='color:red;'>test</span>";
output.Write("onmouseover=\"Tip("+AntiXss.JavaScriptEncode(test) +");\"");  // working :)

Post a Comment for "Dealing With Nested Quotes In Html Generated From C#"