I'm new to ASP.NET MVC. I've seen both <%= ... %> and <%: ... %>. I'm familiar with the first from classic ASP days, but not the latter. What is the difference between the two?
+10
A:
<%= %> - equivalent to response.write in classic ASP.
<% %> - represents a code block, if, then else, for each, etc.
<%: %> - this is a shortcut new to .NET 4, this represents <%= html.encode(item) %>
Link to video explaining the shortcut (it's a short clip):
Tommy
2010-06-22 01:49:00
+3
A:
Using <%: tells ASP.NET 4.0 to perform a Server.HtmlEncode() on the value being displayed.
Whereas using <%=, it is up to the developer to use Server.HtmlEncode().
Note HtmlEncode() helps void cross-scripting attacks.
For more info, see ScottGu's post here.
Carl Prothman
2010-06-22 01:49:08