C# 資訊安全 Cross site scripting

   using Microsoft.Security.Application;

   String APPLY_ID = Encoder.HtmlEncode((Request.QueryString["ID"]) ?? "");





   String iHTML = @"<table class='TableStyle01_cont'>
                                <tr bgcolor='#E8E8FF' align='center'>
                                    <th>項次</th>
                                    <th>名稱</th>
                                    <th>資料庫名稱</th>
                                </tr>
                    </table>";


   Literal1.Text = Encoder.HtmlEncode(iHTML);