如何正确编码 mailto 链接?
我正在生成一些 HTML,并且想要生成 XSS 和数据库内容安全的 mailto 链接。这里使用的正确编码是什么?这怎么样?
myLiteral.Text = string.Format(
"mailto:{0}?Content-Type=text/html&Subject={1}&body={2}",
HttpUtility.UrlEncode(email_address),
HttpUtility.UrlEncode(subject),
HttpUtility.UrlEncode(body_message));
我应该在这里使用 UrlEncode 吗? HtmlEncode?做我所做的,然后 HtmlEncode 全部?我正在编写 URL 的 HTML,所以我有点不清楚......
@Quentin,这是你所描述的吗? (将 & 更改为 &,因为我即将 HtmlEncode...)
myLiteral.Text =
HttpUtility.HtmlEncode(HttpUtility.UrlEncode(
string.Format(
"mailto:{0}?Content-Type=text/html&Subject={1}&body={2}",
email_address, subject, body_message)));
I am generating some HTML and I want to generate an XSS- and database-content-safe mailto link. What is the proper encoding to use here? How's this?
myLiteral.Text = string.Format(
"mailto:{0}?Content-Type=text/html&Subject={1}&body={2}",
HttpUtility.UrlEncode(email_address),
HttpUtility.UrlEncode(subject),
HttpUtility.UrlEncode(body_message));
Should I use UrlEncode here? HtmlEncode? Do what I did, then HtmlEncode the entirety? I'm writing HTML of a URL, so I'm a little unclear...
@Quentin, is this what you're describing? (Changed &s to & since I'm about to HtmlEncode...)
myLiteral.Text =
HttpUtility.HtmlEncode(HttpUtility.UrlEncode(
string.Format(
"mailto:{0}?Content-Type=text/html&Subject={1}&body={2}",
email_address, subject, body_message)));
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您将一些内容放入 URL 中,然后用 HTML 表示该 URL。因此,对其进行 URLEncode,然后对从 URLEncode 获得的内容进行 HTMLEncode。
You are putting some content in a URL, then representing that URL in HTML. So URLEncode it then HTMLEncode what you get from URLEncode.