How To: Prevent Cross-Site Scripting in ASP.NET

Table 1: Character Representation

Characters	Decimal	Hexadecimal	HTML Character Set	Unicode
" (double quotation marks)	&#34	&#x22	"	\u0022
' (single quotation mark)	&#39	&#x27	'	\u0027
& (ampersand)	&#38	&#x26	&	\u0026
< (less than)	&#60	&#x3C	<	\u003c
> (greater than)	&#62	&#x3E	>	\u003e

alice