Automatically HtmlEncode strings when the model is serialized with Json.Net

c# serialization json.net html-encode
Buda Gavril picture Buda Gavril · May 22, 2017 · Viewed 9.5k times · Source

Is there a way to configure Json.Net to automatically encode all strings like HtmlEncode(myString) when the model is serialized?

Answer

Mohammad Nikravan picture Mohammad Nikravan · Jan 24, 2018

Try this:

var json = JObject.Parse("{'Name':'<script>alert(1);</script>'}");
var serializerSettings = new JsonSerializerSettings()
{
    StringEscapeHandling = StringEscapeHandling.EscapeHtml
};
var result = JsonConvert.SerializeObject(json, serializerSettings);

result will be:

{"Name":"\u003cscript\u003ealert(1);\u003c/script\u003e"}

Related questions

Using JsonConvert.DeserializeObject to deserialize Json to a C# POCO class

Here is my simple User POCO class: /// <summary> /// The User class represents a Coderwall User. /// </summary> public class User { /// <summary> /// A User's username. eg: "sergiotapia, mrkibbles, matumbo" /// </summary> public string Username { get; …

Read More
How can I change property names when serializing with Json.net?

I have some data in a C# DataSet object. I can serialize it right now using a Json.net converter like this DataSet data = new DataSet(); // do some work here to populate 'data' string output = JsonConvert.SerializeObject(data); However, this …

Read More
NewtonSoft.Json Serialize and Deserialize class with property of type IEnumerable<ISomeInterface>

I am trying to move some code to consume ASP.NET MVC Web API generated Json data instead of SOAP Xml. I have run into a problem with serializing and deserializing properties of type: IEnumerable<ISomeInterface>. Here is …

Read More