Reputation: 2192
I am making an application in MVC3. I am storing a string in the database in this format:
<a href='path'>Text</a> Happy
The field is saving properly, but I have to display it on the web page with a hyperlink, like
Text Happy
but currently it is showing like
<a href='path'>Text</a> Happy
How can I render this string as HTML on the web page?
Upvotes: 18
Views: 27927
Reputation: 1766
It's better that you encode HTML before storing it to the database. If you're using .NET Framework 4, try this:
String TestString = "This is a <Test String>.";
String EncodedString = Server.HtmlEncode(TestString);
See MSDN.
Otherwise use the Anti-XSS library.
It works like magic and is really easy to implement. Un-encoded is not only dangerous, as it can cause XSS attacks, but it also causes problems with rendering on the HTML front page.
Hope it helps..
Upvotes: 2
Reputation: 4346
If you are not using Razor,
and string text = "<a href='path'>Text</a> Happy";
then you want <%= text %>, not <%: text %>
As others have said, this is not considered great practice due to HTML injection, but it seems HTML injection is your intention.
Upvotes: 0
Reputation: 3441
I would really advise against doing that because it's very hard to guard against script injection problems.
That being said though, if you think that can be managed, you should be able to use @Html.Raw to render the text without escaping.
Upvotes: 0
Reputation: 1704
If you are using Razor you can use @Html.Raw()
as per Phil Haack's quick reference
Upvotes: 4
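An added example, not code from any of the posts above: one way to get the rendered link from the question without passing the stored string straight to Html.Raw. It assumes the stored values only ever need the `<a href='...'>Text</a>` shape shown in the question; the class and method names (StoredLinkRenderer, Render, IsAllowedUrl) are hypothetical. Everything that is not a recognised anchor with a relative or http/https URL is HTML-encoded and shown as text.

```csharp
using System;
using System.Text;
using System.Text.RegularExpressions;
using System.Web;

// Hypothetical helper (added example): rebuilds allowed links, encodes the rest.
public static class StoredLinkRenderer
{
    // Only the exact shape <a href='URL'>text</a>, with no other attributes.
    private static readonly Regex Anchor = new Regex(
        @"<a\s+href=(['""])(?<url>[^'""<>]*)\1\s*>(?<text>[^<>]*)</a>",
        RegexOptions.IgnoreCase | RegexOptions.CultureInvariant);

    // Relative URLs: no colon (so no scheme), no backslash, no whitespace,
    // and not protocol-relative ("//host").
    private static readonly Regex RelativeUrl = new Regex(
        @"^(?!//)[A-Za-z0-9\-._~/?=&%#]+$", RegexOptions.CultureInvariant);

    public static IHtmlString Render(string stored)
    {
        stored = stored ?? string.Empty;
        var sb = new StringBuilder();
        int pos = 0;
        foreach (Match m in Anchor.Matches(stored))
        {
            // Text between recognised anchors is always encoded.
            sb.Append(HttpUtility.HtmlEncode(stored.Substring(pos, m.Index - pos)));
            string url = m.Groups["url"].Value;
            if (IsAllowedUrl(url))
                sb.Append("<a href=\"").Append(HttpUtility.HtmlAttributeEncode(url))
                  .Append("\">").Append(HttpUtility.HtmlEncode(m.Groups["text"].Value))
                  .Append("</a>");
            else
                sb.Append(HttpUtility.HtmlEncode(m.Value)); // e.g. javascript: links stay text
            pos = m.Index + m.Length;
        }
        sb.Append(HttpUtility.HtmlEncode(stored.Substring(pos)));
        return new HtmlString(sb.ToString()); // already safe, so the view must not re-encode
    }

    private static bool IsAllowedUrl(string url)
    {
        if (RelativeUrl.IsMatch(url)) return true;
        Uri uri;
        return Uri.TryCreate(url, UriKind.Absolute, out uri)
            && (uri.Scheme == Uri.UriSchemeHttp || uri.Scheme == Uri.UriSchemeHttps);
    }
}
```

Because Render returns an IHtmlString, `@StoredLinkRenderer.Render(text)` in Razor and `<%: StoredLinkRenderer.Render(text) %>` in the Web Forms view engine output it without encoding it a second time.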