Reputation: 151
ValidateRequest="false" doesn't work when posting HTML values
I am developing a personal blog in ASP.NET MVC 1.0. This blog application has Views like "Insert Post", "Edit Post", etc. I need to post a string containing HTML back to the appropriate controller method. That HTML value is being posted from a textarea.
I've read that it's necessary to disable ValidateRequest directly on the page with the attribute ValidateRequest = "false" or in the web.config file.
When I insert an HTML value in my textarea, I get always the error of 'potential value dangerous'.
How can I use ValidateRequest to allow the form element containing HTML values to be posted?
Upvotes: 2
Views: 965
Answers (1)
Reputation: 5252
For ASP.Net MVC, you have to use the ValidateInput(false) Attribute on your Controller action like so:
[ValidateInput(false)]
public ActionResult SaveBodyCopy(int? id, string richTextEditor1)
Then the rest of your Controller action.
Upvotes: 7
Related Questions
- MVC 5 trouble on validating posted form inputs that are html encoded
- Submitting html code without setting ValidateRequest to false
- ValidateRequest = False but in action it's still True and ignored that?
- Asp.Net 4.0 MVC 3: Post html code
- ASP.NET MVC form won't post
- Post data from html editor to controller action in MVC
- Why do I get HttpRequestValidationException submitting user input with raw html?
- ValidateRequest="false" not worked
- ValidateInput(false) and AllowHtml attributes still cause 'A potentially dangerous Request.Form value was detected'
- Posting text with html tags without changing the requestValidationMode?