How to escape a string in C#, for use in an LDAP query

Question

I have an LDAP query, which I am using to perform a search in C#. It uses two string variables (username and domain) which need to be escaped for security reasons.

H

Answer 1

Use AntiXss library from address: https://www.nuget.org/packages/AntiXss

string encoded = Microsoft.Security.Application.Encoder.LdapFilterEncode(input);