The dot.net core community has a wiki on this.
You can inject encoders at a controller level (in the constructor) or reference System.Text.Encodings.Web
.
More info can be seen here:
https://learn.microsoft.com/en-us/aspnet/core/security/cross-site-scripting