I want to use Microsofts WPL AntiXSS Library as default HTTPEncoder as described at haacked but this documentation is for WPL 3.1 and I've read that there is a change regarding HTTPEncoder with latest WPL 4.0. What is the best way to implement it so that all input fields are automatically encoded? Thanks!
The most inportant change in this context seems to be that if you pass a null as the value for encoding function the function will return null (previous behavior was to return String.Empty). The System.IO.TextWriter will handle nulls properly, so everything should work as expected.