Use the library method AntiXSS

1. Add the following code in the web.config httpRuntime tag in the configuration file:

      <httpRuntime 

            encoderType="System.Web.Security.AntiXss.AntiXssRncoder,System.Web,Version=4.0.0.0.Culture=neutral,PublicKeyToken=b02f5f7f11d50a3a"  /> 

Configuration AntiXss library will encode its text, HTML coding also be carried out both JavaScript coding

2. Installation AntiXss NuGet introduced AntiXSS encoder packet namespace

    @using Microsoft.Security.Application  

Then call

    var meg='Welcome, @Encoder。JavaScriptEncode(ViewBag.UserName,false)!';

Guess you like

Origin www.cnblogs.com/liuhuimh/p/12152348.html