I have an ASP.NET MVC action that is returning a JSON object.
The JSON:
{status: "1", message:"", output:"<div class="c1"><div class="c2">User generated text, so can be anything</div></div>"}
Currently my HTML is breaking it. There will be user generated text in the output field, so I have to make sure I escape ALL things that need to be escaped.
Does someone have a list of all things I need to escape for?
I'm not using any JSON libraries, just building the string myself.
This question is related to
asp.net-mvc
json
escaping
Take a look at http://json.org/. It claims a bit different list of escaped characters than Chris proposed.
\"
\\
\/
\b
\f
\n
\r
\t
\u four-hex-digits