public void UpperUnicodeAncientGreekMusicalNotation()
{
const long CodePageStart = 0x1D200;
const long CodePageEnd = 0x1D24F;
UnicodeCharacterEncoder.MarkAsSafe(LowerCodeCharts.Default, LowerMidCodeCharts.None, MidCodeCharts.None, UpperMidCodeCharts.None, UpperCodeCharts.None);
for (long i = CodePageStart; i < CodePageEnd; i++)
{
long h = ((i - 0x10000) / 0x400) + 0xD800;
long l = ((i - 0x10000) % 0x400) + 0xDC00;
string target = Convert.ToString((char)h) + Convert.ToString((char)l);
string expected = "&#" + int.Parse(Convert.ToString(i, 16), System.Globalization.NumberStyles.HexNumber) + ";";
string actual = Encoder.HtmlEncode(target);
string testmessage = "0x" + i.ToString("x").PadLeft(5, '0') + " (gap value) ";
Assert.AreEqual(expected, actual, "Encoder.HtmlEncode " + testmessage + " beyond base plane.");
}
}
/// <summary>
/// Encodes input strings for use in HTML.
/// </summary>
/// <param name="input">String to be encoded.</param>
/// <param name="useNamedEntities">Value indicating if the HTML 4.0 named entities should be used.</param>
/// <returns>
/// Encoded string for use in HTML.
/// </returns>
/// <remarks>
/// All characters not safe listed are encoded to their Unicode decimal value, using &#DECIMAL; notation.
/// If you choose to use named entities then if a character is an HTML4.0 named entity the named entity will be used.
/// The default safe characters include:
/// <list type="table">
/// <item><term>a-z</term><description>Lower case alphabet</description></item>
/// <item><term>A-Z</term><description>Upper case alphabet</description></item>
/// <item><term>0-9</term><description>Numbers</description></item>
/// <item><term>,</term><description>Comma</description></item>
/// <item><term>.</term><description>Period</description></item>
/// <item><term>-</term><description>Dash</description></item>
/// <item><term>_</term><description>Underscore</description></item>
/// <item><term>'</term><description>Apostrophe</description></item>
/// <item><term> </term><description>Space</description></item>
/// </list>
/// The safe list may be adjusted using <see cref="UnicodeCharacterEncoder.MarkAsSafe"/>.
/// <newpara/>
/// Example inputs and their related encoded outputs:
/// <list type="table">
/// <item><term><script>alert('XSS Attack!');</script></term><description>&lt;script&gt;alert('XSS Attack!');&lt;/script&gt;</description></item>
/// <item><term>[email protected]</term><description>[email protected]</description></item>
/// <item><term>Anti-Cross Site Scripting Library</term><description>Anti-Cross Site Scripting Library</description></item>
/// <item><term>"Anti-Cross Site Scripting Library"</term><description>&quote;Anti-Cross Site Scripting Library&quote;</description></item>
/// </list>
/// </remarks>
public static string HtmlEncode(string input, bool useNamedEntities)
{
return(UnicodeCharacterEncoder.HtmlEncode(input, useNamedEntities));
}
