The other day I was trying to pass an encoded version of "id=123" to a customer's search API. I tried
var result = HttpUtility.HtmlEncode("id=123");
but it returned "id=123". I stared at the screen, scratched my head, and jumped on Google.
A quick search reminded me that HtmlEncode is for escaping HTML, but it leaves everything else alone. So
var result = HttpUtility.HtmlEncode("<br/>");
returns "<br/>". All the less thans and greater thans get escaped, but the rest is pretty much the same.
UrlEncode is for cases where you want to escape a URL, so
var result = HttpUtility.UrlEncode("id=123");
returns "id%3d123", which is what I wanted in the first place. By comparison, if you UrlEncode the "<br/>" tag, like
var result = HttpUtility.UrlEncode("<br/>");
you'll get back "%3cbr%2f%3e". It's encoding the less than, the slash, and the greater than, but it's encoding them with URL-type escapes instead of HTML-style ones.
I guess it's been a while since I paid attention to encoding. Not all encoding methods are equal in the ASP.NET framework, so be careful which one you use.
