Emitting unencoded strings in a Razor view

As ScottGu says in his blog post «by default content emitted using a @ block is automatically HTML encoded to better protect against XSS attack scenarios». My question is: how can you output a non-HTML-encoded string?

For the sake of simplicity, pls stick to this simple case:

@{
 var html = "<a href='#'>Click me</a>"
 // I want to emit the previous string as pure HTML code...
}

Solution 1:

This is my favorite approach:

@Html.Raw("<p>my paragraph text</p>")

Source was Phil Haack's Razor syntax reference: http://haacked.com/archive/2011/01/06/razor-syntax-quick-reference.aspx

Solution 2:

You can create a new instance of MvcHtmlString which won't get HTML encoded.

@{
  var html = MvcHtmlString.Create("<a href='#'>Click me</a>")
}

Hopefully there will be an easier way in the future of Razor.

If you're not using MVC, you can try this:

@{
  var html = new HtmlString("<a href='#'>Click me</a>")
}

Solution 3:

new HtmlString is definitely the answer.

We looked into some other razor syntax changes, but ultimately none of them ended up really being any shorter than new HtmlString.

We may, however, wrap that up into a helper. Possibly...

@Html.Literal("<p>something</p>")

or

@"<p>something</p>".AsHtml()