How to print HTML objects using String.Format

Question

How to print HTML objects using String.Format

I have something like this inside my view:

@String.Format("{0} &copy; Copyright by Nemanja", DateTime.Now.Year);

However, this will elude my & in & . Is there any way around this?

+4

c # razor asp.net-mvc-4

Nemanja boric Sep 16 '13 at 20:25

source share

3 answers

You can:

 @Html.Raw(String.Format("{0} &copy; Copyright by Nemanja", DateTime.Now.Year));

+5

Fals Sep 16 '13 at 20:27

source share

Close it in Html.Raw to prevent escaping. Almost all helpers in MVC will encode HTML content to ensure that any model values that could contain HTML or scripts cannot potentially include dangerous scripts. Html.Raw explicitly displays content without encoding it.

 @Html.Raw( String.Format("{0} &copy; Copyright by Nemanja", DateTime.Now.Year) )

+3

AaronLS Sep 16 '13 at 20:28

source share

SLaks · Accepted Answer · 2013-09-16T20:26:55+0000

You are looking for @Html.Raw(...) that will prevent this and create an XSS hole.

In your case, you can completely get rid of it:

 @DateTime.Now.Year &copy; Copyright by Nemanja

How to print HTML objects using String.Format

More articles: