Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

BUG: InnerText and InnerHTML Encoding Does Not Work as Expected


View products that this article applies to.

Symptoms

When you use the InnerHtml property of a HtmlTextArea control on the server side to prevent automatic encoding that is performed with ASP.NET, the InnerHtml property does not prevent the encoding of special characters to HTML entities. For example, when the InnerHtml property is set to <b>Hello</b>, the angle bracket characters (< and >) are converted to &lt; and &gt; respectively, and the text displayed on the page is <b> Hello </b>.

When you use the InnerText property of a HtmlTextArea control on the server side to provide automatic HTML encoding, the InnerText property does not encode special characters to HTML entities. For example, when the InnerText property is set to <b>Hello</b>, the angle bracket characters (< and >) are not converted to &lt; and &gt; respectively. Because of this, the browser detects the <b> tags and displays the text "Hello" in bold type.

↑ Back to the top


Status

Microsoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.

↑ Back to the top


More information

When the InnerHtml property of HtmlContainerControl is used to set special characters, it automatically encodes special characters to and from HTML entities. For more information about this control, visit the following Microsoft Developer Network (MSDN) Web site:

Steps to Reproduce the Behavior

  1. In Microsoft Visual Studio .NET, create a new ASP.NET Web Application project by using Microsoft Visual Basic .NET or Microsoft Visual C# .NET. By default, WebForm1.aspx is created.
  2. Right-click WebForm1, and then click View HTML.
  3. Replace the existing code with the following code:

    Visual Basic .NET

    <%@ Page Language="vb" %>
    <HTML>
       <HEAD>
          <script language="vb" runat="server">
             Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs)
                Response.Write(TEXTAREA1.InnerHtml)
             End Sub
    
             Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs)
                Response.Write(TEXTAREA1.InnerText)
             End Sub
          </script>
       </HEAD>
       <body>
          <form id="Form1" method="post" runat="server">
             <P>&nbsp;</P>
             <P>&nbsp;</P>
             <P><TEXTAREA id="TEXTAREA1" name="TEXTAREA1" rows="2" cols="20" runat="server">
                </TEXTAREA></P>
             <P>
                <asp:Button id="Button1" runat="server" Text="InnerHtml" OnClick="Button1_Click"></asp:Button>&nbsp;
                <asp:Button id="Button2" runat="server" Text="InnerText" OnClick="Button2_Click"></asp:Button></P>
          </form>
       </body>
    </HTML>

    Visual C# .NET

    <%@ Page Language="C#" %>
    <HTML>
       <HEAD>
          <script language=C# runat="server">
             private void Button1_Click(System.Object sender, System.EventArgs e)
             {
                Response.Write(TEXTAREA1.InnerHtml);
             }
    
             private void Button2_Click(System.Object sender, System.EventArgs e)
             {
                Response.Write(TEXTAREA1.InnerText);
             }
          </script>
       </HEAD>
       <body>
          <form id="Form1" method="post" runat="server">
             <P>&nbsp;</P>
             <P>&nbsp;</P>
             <P><TEXTAREA id="TEXTAREA1" name="TEXTAREA1" rows="2" cols="20" runat="server">
                </TEXTAREA></P>
             <P>
                <asp:Button id="Button1" runat="server" Text="InnerHtml" OnClick="Button1_Click"></asp:Button>&nbsp;
                <asp:Button id="Button2" runat="server" Text="InnerText" OnClick="Button2_Click"></asp:Button></P>
          </form>
       </body>
    </HTML>
    Note Add ValidateRequest="false" attributes to the @Page directive in ASP.NET version 1.1.
  4. On the Debug menu, click Start to run the application.
  5. In the text area, type <b>Hello</b>, and then click InnerHtml or InnerText.

↑ Back to the top


References

For more information about the InnerHtml property, visit the following MSDN Web site:

↑ Back to the top


Keywords: KB815186, kbbug, kbwebforms, kbcontrol, kbctrl, kbhtml

↑ Back to the top

Article Info
Article ID : 815186
Revision : 6
Created on : 4/30/2003
Published on : 4/30/2003
Exists online : False
Views : 364