The difference between these two commands is obscure, and plagued me for some time.  It just gelled in my head, so I thought I'd share. HtmlEncode -- makes it safe to display user-entered text on a web page.  '<' and '>' are turned into &lt; and %gt; UrlEncode -- makes it safe to work as a url.  ' ' is turned into '+' and a bunch more. Well, which to use in an HTTP POST?  The magic bullet comes from http://aspnetresources.com/blog/encoding_forms.aspx "If you're wondering which one you should use in an HTTP POST, well just think of POST data as an extremely long query...