Reputation: 9013
I have the following header of ASP.Net MVC page:
<%@ Page Title="" Language="C#" MasterPageFile="~/Views/Shared/Admin.Master" Inherits="System.Web.Mvc.ViewPage<NEOGOV_Ideas.Models.SubIdeaAdminPage>"
ValidateRequest="false" %>
I need to move this page to Razor syntax. How should I set ValidateRequest? Thanks
Upvotes: 14
Views: 12327
Reputation: 16548
If you are using Razor syntax in a CSHTML page without MVC, this was the solution that ultimately worked for me. The link below led me to this result.
var xml = Request.Unvalidated().Form["Xml"];
https://www.codeproject.com/Questions/5317736/How-to-avoid-potential-dangerous-request-From-valu
Upvotes: 0
Reputation: 9013
From MVC 4 we can allow HTML content only for a property of the model class, not for the whole request. You just need to mark the property with the AllowHtml attribute.
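using System.Web.Mvc; // AllowHtmlAttribute lives here

public class EditorialPixlocateRequestViewModel
{
    // Only this property skips request validation during model binding.
    [AllowHtml]
    public string Xml { get; set; }
}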
Upvotes: 2
Reputation: 3883
Decorate your action method with the ValidateInput attribute
[HttpPost]
[ValidateInput(false)] // turns request validation off for every input to this action
public ActionResult index()
{
    return View();
}
Upvotes: 27
Reputation: 8595
You shouldn't need that line in the view, instead use the ValidateInput(false) attribute on the controller method.
Make sure you've got this in your web.config if you're using ASP.NET 4.0 (which I presume you are if you're using MVC 3)
<httpRuntime requestValidationMode="2.0"/>
Martin
Upvotes: 15
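Added example, not code from any of the posts above: once request validation is switched off for a field, the application has to check that field itself. This sketch scopes the exemption to one property with AllowHtml, as in the answer above, and then parses the value with DTDs and external resolution disabled. The names SubIdeaEditModel, SubIdeaAdminController, Edit, Title and IsWellFormedXml, and the size limit, are assumptions made for illustration.

```csharp
using System.IO;
using System.Web.Mvc;
using System.Xml;

// Hypothetical model: only Xml skips request validation; Title is still validated.
public class SubIdeaEditModel
{
    public string Title { get; set; }

    [AllowHtml]
    public string Xml { get; set; }
}

// Hypothetical controller: no [ValidateInput(false)] needed on the action.
public class SubIdeaAdminController : Controller
{
    [HttpPost]
    public ActionResult Edit(SubIdeaEditModel model)
    {
        // The framework no longer inspects model.Xml, so check it explicitly.
        if (!IsWellFormedXml(model.Xml))
            ModelState.AddModelError("Xml", "The submitted value is not well-formed XML.");

        if (!ModelState.IsValid)
            return View(model); // redisplay the form with the error

        // Storage is application-specific; at this point the value parsed cleanly.
        return RedirectToAction("Index");
    }

    // Reads the whole document with DTDs and external entity resolution off.
    private static bool IsWellFormedXml(string xml)
    {
        if (string.IsNullOrWhiteSpace(xml)) return false;
        var settings = new XmlReaderSettings
        {
            DtdProcessing = DtdProcessing.Prohibit, // reject <!DOCTYPE ...>
            XmlResolver = null,                     // never fetch external resources
            MaxCharactersInDocument = 1000000       // constructed limit, tune per app
        };
        try
        {
            using (var reader = XmlReader.Create(new StringReader(xml), settings))
            {
                while (reader.Read()) { }
            }
            return true;
        }
        catch (XmlException) { return false; }
    }
}
```

In the Razor view, writing the value with @Model.Xml keeps it HTML-encoded; Html.Raw would emit it as markup.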