This class provides helper methods and is available through the built-in Server object. It provides the useful UrlEncode( ) method, which converts a string into a form suitable for use as a query string variable, and the HtmlEncode( ) method, which converts nonlegal HTML characters in a string into the equivalent HTML entity (i.e., "<" is converted to <) so they can be displayed on a page. Some ASP.NET web controls (like buttons) do not require this conversion, but label controls do. You may need to use the HtmlEncode( ) method manually if you bind a field with URL information from a database. It also always a good idea to use HtmlEncode( ) before displaying user-supplied content to prevent possible script injection attacks.
The HttpServerUtility class provides the MapPath( ) method, which takes a string representing a virtual path and returns the real (physical) path (for example, it could convert "/myapp/index.html" to "E:\Inetpub\wwwroot\myapp\index.html"). It also provides a CreateObject( ) method for instantiating a COM object by using its ProgID (i.e., objInfo=Server.CreateObject ("MSWC.MyInfo");) and the two flow control methods Execute( ) and Transfer( ). The Execute( ) method, which runs the script in a separate ASP.NET page and then returns control to the current page, is rarely used in class-based ASP.NET programming. The Transfer( ) method halts the execution of the current page and transfers execution to the specified page. It is similar to the HttpResponse.Redirect( ) method, but does not require a roundtrip to the client and back and cannot transfer execution to a page on another server (or from an ASP.NET page to an ASP page).
public sealed class HttpServerUtility { // Public Instance Properties public string MachineName{get; } public int ScriptTimeout{set; get; } // Public Instance Methods public void ClearError( ); public object CreateObject(string progID); public object CreateObject(Type type); public object CreateObjectFromClsid(string clsid); public void Execute(string path); public void Execute(string path, System.IO.TextWriter writer); public Exception GetLastError( ); public string HtmlDecode(string s); public void HtmlDecode(string s, System.IO.TextWriter output); public string HtmlEncode(string s); public void HtmlEncode(string s, System.IO.TextWriter output); public string MapPath(string path); public void Transfer(string path); public void Transfer(string path, bool preserveForm); public string UrlDecode(string s); public void UrlDecode(string s, System.IO.TextWriter output); public string UrlEncode(string s); public void UrlEncode(string s, System.IO.TextWriter output); public string UrlPathEncode(string s); }