html encode/decode - ckeditor

Question

I am using ckeditor in a cshtml page to input content into my database that will later be displayed on a page with html tags to make the text easier to read. Since I am inputting the content through a textarea, I am getting a an error stating that the html tags that I am inputting <h1><p> are potentially dangerous.

To bypass this without turning RequestValidation to false, in my cinfig.js file I have set:

config.htmlEncodeOutput = true;

I am decoding the data from the database when displaying in my page.

@Html.Raw(System.Web.HttpUtility.HtmlDecode(row.Memo))

This works well. I only run into trouble when I attempt to edit the content from my database a second time.

I am displaying in the editor like this:

<textarea class="ckeditor" id="editor1" name="Memo" rows="25" cols="120">@Memo</textarea>

With @Memo in the textarea, the current database content displays in the editor. The issue is that once the original text is sent to the database encoded, I believe that it is still encoded when re-displayed in the editor, when it needs to be decoded. So the editor treats the encoded tags as text and places new tags around the existing, which creates a mess.

Any ideas would be greatly appreciated. Let me know if this needs more clarification.

Thanks.

Answer 1

I gave this JUST the right amount of thought JUST after I submitted this question.

I used @Html.Raw(System.Web.HttpUtility.HtmlDecode(row.Memo)) to decode the data to be displayed on the page, so I was able to use @Html.Raw(System.Web.HttpUtility.HtmlDecode(Memo)) in place of @Memoto display in the editor, which corrected my issue.