A coworker recently checked in a changeset where lots of expressions on the form <%= (...) 开发者_JAVA技巧%> were changed to <%: (...) %>.
I have a vague recollection of having heard what <%: does, but cannot remember. It's too late in the night to call my coworker, and Google and Bing both seem unable to search for the string "<%:".
Can someone enlighten me, please?
It HtmlEncodes the string, if it hasn't already been encoded.
The "hasn't already been encoded part" is why MvcHtmlString was introduced. MVC2 returns MvcHtmlString from many HtmlHelper methods to represent strings that should not be re-encoded. The <%: %> knows not to re-encode.
See What is an MvcHtmlString and when should I use it? for a good discussion.
It automatically wraps the rendered output in Html.Encode() to avoid scripting attacks.
One way to remember this is (courtesy: Scott Hanselman) think = as an closed gate. Now open the gate by turning it 90 degrees and see it from the same view. you will see :
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论