• Different ways how to escape an XML string in C# (zz)

    Different ways how to escape an XML string in C#

    //z 2012-08-01 17:02:15 is2120@csdn.T297755689 [T22,L756,R3,V348]
    XML encoding is necessary if you have to save XML text in an XML document. If you don't escape special chars the XML to insert will become a part of the original XML DOM and not a value of a node.

    Escaping the XML means basically replacing 5 chars with new values.

    These replacements are:

    < -> &lt;
    > -> &gt;
    " -> &quot;
    ' -> &apos;
    & -> &amp;

    Here are 4 ways you can encode XML in C#:

    1. string.Replace() 5 times

    This is ugly but it works. Note that Replace("&", "&amp;") has to be the first replace so we don't replace other already escaped &.

    string xml = "<node>it's my \"node\" & i like it<node>";
encodedXml = xml.Replace("&", "&amp;").Replace("<", "&lt;").Replace(">", "&gt;").Replace("\"", "&quot;").Replace("'", "&apos;");

// RESULT: &lt;node&gt;it&apos;s my &quot;node&quot; &amp; i like it&lt;node&gt;

     

    2. System.Web.HttpUtility.HtmlEncode()

    Used for encoding HTML, but HTML is a form of XML so we can use that too. Mostly used in ASP.NET apps. Note that HtmlEncode does NOT encode apostrophes ( ' ).

    string xml = "<node>it's my \"node\" & i like it<node>";
string encodedXml = HttpUtility.HtmlEncode(xml);

// RESULT: &lt;node&gt;it's my &quot;node&quot; &amp; i like it&lt;node&gt;

     

    3. System.Security.SecurityElement.Escape()

    In Windows Forms or Console apps I use this method. If nothing else it saves me including the System.Web reference in my projects and it encodes all 5 chars.

    string xml = "<node>it's my \"node\" & i like it<node>";
string encodedXml = System.Security.SecurityElement.Escape(xml);

// RESULT: &lt;node&gt;it&apos;s my &quot;node&quot; &amp; i like it&lt;node&gt;

     

    4. System.Xml.XmlTextWriter

    Using XmlTextWriter you don't have to worry about escaping anything since it escapes the chars where needed. For example in the attributes it doesn't escape apostrophes, while in node values it doesn't escape apostrophes and qoutes.

    string xml = "<node>it's my \"node\" & i like it<node>";
using (XmlTextWriter xtw = new XmlTextWriter(@"c:\xmlTest.xml", Encoding.Unicode))
{
    xtw.WriteStartElement("xmlEncodeTest");
    xtw.WriteAttributeString("testAttribute", xml);
    xtw.WriteString(xml);
    xtw.WriteEndElement();
}

// RESULT:
/*
<xmlEncodeTest testAttribute="&lt;node&gt;it's my &quot;node&quot; &amp; i like it&lt;node&gt;">
    &lt;node&gt;it's my "node" &amp; i like it&lt;node&gt;
</xmlEncodeTest>
*/

    Each of the four ways is different, so use each one where you fell appropriate. You can't go wrong with SecurityElement though. :)
    //z 2012-08-01 17:02:15 is2120@csdn.T297755689 [T22,L756,R3,V348]

    http://weblogs.sqlteam.com/mladenp/archive/2008/10/21/Different-ways-how-to-escape-an-XML-string-in-C.aspx
  • 相关阅读:
    20192415 202120222 《网络与系统攻防技术》实验七实验报告
    C#字符串压缩
    linux服务器登录mysql报错bash: mysql: command not found
    java读取含有合并单元格的Excel
    修改序列号:当序列号小于主键ID的时候如何处理?
    1130 is not allowed to connect to this MySql server
    报错: java.lang.IllegalStateException: Cannot get a STRING value from a NUMERIC cell
    报错:There is no getter for property named 'distinct' in
    报错:违反检查约束条件 (GYPTS.SYS_C0016857)
    vue代码如何实现平方米m2
  • 原文地址:https://www.cnblogs.com/IS2120/p/6745867.html
Copyright © 2020-2023  润新知