Andy T
Reputation: 9901
Post HTML encoded Form data to server
I'm currently using MVC 3 (WebForm view engine) and have a form that shows user comments.
If I have a comment which has an ampersand (&), <%= Html.Textbox() %> will encode it as &. However, if the form is then posted to the server, ASP.NET kicks in thinking that the submitted content is malicious.
I find myself having to use HTML decoding methods using JavaScript before the content is sent to the server.
I am able to get the results that I want, but I feel like I'm not doing this right.
Any suggestions?
Upvotes: 0
Views: 1574
Answers (1)
Nadeem Khedr
Reputation: 5313
You can use special attribute to allow safe html tags to be posted by using AllowHtml attribute , you will define your model/viewmodel as following
public class Comment
{
public int Id{get; set;}
[AllowHtml] // Allow safe html tags
public string Comment {get; set;}
}
Upvotes: 0
Related Questions
- html form posting to mvc controller
- send encoded string back to server asp.net mvc
- ASP.NET MVC 5 HttpPost
- Asp .net MVC Razor - Posting HTML from form
- ASP.Net submit html code (encode-decode)
- Encode HTML before sending to Controller/DB
- How to html encode a text before sending it unto the server?
- How to encode html and send via HTTP Post
- HtmlEncode on Post for ASP.Net MVC 3 Html.TextAreaFor
- HTML Encoding Form Post