如何防止XmlSerializer转义<和>人物 [英] How to prevent XmlSerializer from escaping < and > characters

问题描述

我使用XlmSerializer序列化一个dotnet对象。

I use an XlmSerializer to serialize a dotnet object.

dotnet对象的一个​​属性是具有以下值的字符串：

One property of the dotnet object is a string with this value:

<！[CDATA [< p>没有评论< / p>]]>

序列化到StringWriter之后，全部< 和字符被转换为& lt; 和& gt; 包括CDATA。

Once serialized to a StringWriter, all the < and > characters are converted to < and > including the CDATA's.

如何阻止这种情况的发生？

How could I stop that from happening ?

推荐答案

不要放入CDATA-这是序列化程序的工作。您刚刚告诉序列化程序从CDATA字符串中提取有效的XML。确实可以做到这一点-反序列化后，您仍然剩下<！[CDATA [< p>无评论< / p>]]> 。这正是您要的！更重要的是，这正是您希望序列化程序处理数据的方式-否则，您将遭受痛苦，因为您需要确保数据确实安全。本质上，您正在执行双重编码。

Don't put the CDATA in - that's the serializer's job. You've just told the serializer to make a valid XML out of the CDATA string. It does exactly that - after deserialization, you're still left with <![CDATA[<p>No Comments</p>]]>. That's exactly what you asked for! And more importantly, it's exactly what you want the serializer to do with the data - otherwise you'd be opening yourself to a world of hurt, because you'd need to ensure that the data is actually secure. In essence, you're performing double encoding.

相反，只需放置< p> No Comments< / p> -序列化程序将为您处理转义，以确保它是有效的XML，并且实际上反序列化为< p>无评论< / p> 。

Instead, just put <p>No Comments</p> there - and the serializer will handle the escaping for you, to make sure it's valid XML that actually deserializes to <p>No Comments</p>.

这篇关于如何防止XmlSerializer转义<和>人物的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！