.NET Array Dictionary List String 2D Async DataTable Dates DateTime Enum File For Foreach Format IEnumerable If IndexOf Lambda Parse Path Process Property Regex Replace Row Sort Split Static StringBuilder Substring Switch Tuple Window

HtmlEncode, HtmlDecode. HTML must sometimes be encoded. This is necessary for it to be displayed as text in another HTML document. With the WebUtility.HtmlEncode and WebUtility.HtmlDecode methods in the C# language, we do this without writing any custom code.
Not HTML encoded

You & me > them

Is HTML encoded

You & me > them
Example. The HtmlEncode method is designed to receive a string that contains HTML markup characters such as > and <. The HtmlDecode method, meanwhile, is designed to reverse those changes. It changes encoded characters back to actual HTML.

Next: We use HtmlEncode and HtmlDecode in a C# program. The System.Net assembly is included at the top of the program.

HtmlEncode and HtmlDecode methods: C#

using System;
using System.Net;

class Program
    static void Main()
	string a = WebUtility.HtmlEncode("<html><head><title>T</title></head></html>");
	string b = WebUtility.HtmlDecode(a);

	Console.WriteLine("After HtmlEncode: " + a);
	Console.WriteLine("After HtmlDecode: " + b);


After HtmlEncode:

After HtmlDecode:
Example 2. Next, HtmlEncode and HtmlDecode are also built into the Server objects in ASP.NET. These methods have no advantages over the HttpUtility methods. They are equivalent. We present an example that uses them in a Page class.
ASPX code-behind file that encodes HTML: C#

using System;
using System.IO;
using System.Web;
using System.Web.UI;

public partial class _Default : Page
    protected void Page_Load(object sender, EventArgs e)
	// This could mess up HTML.
	string text = "you & me > them"; // 1

	// Replace > with >
	string htmlEncoded = Server.HtmlEncode(text); // 2

	// Now has the > again.
	string original = Server.HtmlDecode(htmlEncoded); // 3

	// This is how you can access the Server in any class.
	string alsoEncoded = HttpContext.Current.Server.HtmlEncode(text); // 4

	StringWriter stringWriter = new StringWriter();
	using (HtmlTextWriter writer = new HtmlTextWriter(stringWriter))
	    // Write a DIV with encoded text.
	string html = stringWriter.ToString(); // 5


Step 1: Before encoding has occurred.
String: you & me > them

Step 2: The string is encoded for HTML.
String: you &amp; me &gt; them

Step 3: String is converted back from HTML.
String: you & me > them

Step 4: The string is encoded for HTML again.
String: you &amp; me &gt; them

Step 5: The HTML string is written into a DIV.
Text:   <div>you &amp; me &gt; them</div>
In this example, we see three different methods. The first two just return an encoded or decoded string, and the HtmlTextWriter uses an interesting method called WriteEncodedText.

Note: This may be more efficient, as it could avoid a string copy. I tested these methods with breakpoints.

The WebUtility class is a better way to encode HTML and URLs in programs. You will want to call WebUtility.HtmlDecode and WebUtility.HtmlEncode on your strings. It is also possible to use the HttpUtility class.
Performance. In my brief benchmarks, I found Server.HtmlEncode and Server.HtmlDecode to be much faster than my home-grown version that used StringBuilder. Unless you want create a better implementation, it is best to use these Framework methods.StringBuilder
Summary. These methods provide reliable replacement of HTML characters and are available in all your .NET programs. HtmlEncode and HtmlDecode also handle character entities. These are sequences that represent non-ASCII characters.

Tip: These methods are also available on the HttpUtility type. More information on the HttpUtility type is available.