Hi, One of the new features in Asp.Net 4.0 is the inclusion of Code expressions which are HTML encoded by default. IN Asp.Net the code expression by default does not encode any text and hence it can leave the chance of Cross Site scripting attack. In...