This is a tough one to explain, so please bear with me. I am using a combination of server-side encoding using the ASP.NET HttpUtility.HtmlEncode() method and client-side encoding with jsRender (awesome rendering library by the way.)
When I use either of these by themselves it works fine. The character < would become < but it would still display as < in the browser which is good because sometimes there are legitimate cases where these characters are used and need to be displayed to the user correctly, but not executed by the browser.
The problem is when I encode server-side and then also encode that same string client-side it now displays the encoded string in the browser. You are probably asking yourself why would I want to do it in both places. The reason for that is that I prefer to do it server side but I like having the client-side there too in case a developer forgets to do it server-side or vice versa as a failsafe.
Is there any way to have it encode in both places and still have it display as the non encoded string in the browser?
I ended up solving this by creating my own custom jsRender tag with a custom render function that checks to see if the string is already encoded and if it is it will leave it alone otherwise it will encode it.
Here is the link for creating custom tags jsRedner Custom Tags Documentation