Why is SPHttpUtility.HtmlEncode preferred to HttpUtility.HtmlEncode?

Question

The SharePoint Code Analysis Framework rule SPC020220: Do not call 'HttpUtility.HtmlEncode' states that:

The assembly should not call HttpUtility.HtmlEncode(string) to encode strings [and that] SPHttpUtility.HtmlEncode [should be used] instead.

I don't understand the rationale. If I understand correctly, both methods perform the same thing. According to MSDN:

The HtmlEncode method replaces ampersand, double-quotation, single-quotation, less-than, and greater-than characters with the appropriate entity references.

So does HttpUtility.HtmlEncode(string).

• Why preferring the first to the second?

• What is a case where two methods will perform differently?

Answer 1

The reason is explained in the link you had given.

"The .NET Framework HttpUtility encoding library does not encode all characters sufficiently. For example, SPHttpUtility in SharePoint encodes a single quotation mark as ' but .NET Framework HttpUtility does not encode the single quotation mark."

Apart from that, there isn't much preference i guess. The SPHttpUtility.HtmlEncode encodes few other characters that the HttpUtility does not encode.