{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 相关推荐>> 的问题《" instead sign of quote (){kind=link}
I have writteln asp.net web projet in C#.
The problem is in saving sign of quote " in a database and displaying this again in a page.
For example there is a textbox and I type following:
"abcd"
and save this in DB.
However, when I read this again and display it in a page I see:
"abcd"
So what is a problem here?Does someone know the solution?
the charset I use is utf8 and colattion is utf8generalci
Try use HTML decode and encode
HttpUtility.HtmlDecode
Refer http://msdn.microsoft.com/en-us/library/aa332854%28v=vs.71%29.aspx
This is actually desired behavior -
"is the escaped html entity". It's a security issue to output literal " as it can enable Cross-Site-Scripting or Cross-Site-Request-Forgery.// sorry, please note freefaller's correct answer below.