The new <%: %> syntax provides a concise way to
automatically HTML encode content and then render it as output. It allows
you to make your code a little less verbose, and to easily check/verify that
you are always HTML encoding content throughout your site. This can help
protect your applications against cross-site script injection (XSS) and HTML
injection attacks.
Hope this helps,
Scott