A potentially dangerous Request.Form value was detected from the client

前端 未结 30 2220
刺人心
刺人心 2020-11-21 05:24

Every time a user posts something containing < or > in a page in my web application, I get this exception thrown.

I don\'t want to go

30条回答
  •  伪装坚强ぢ
    2020-11-21 05:34

    In ASP.NET MVC (starting in version 3), you can add the AllowHtml attribute to a property on your model.

    It allows a request to include HTML markup during model binding by skipping request validation for the property.

    [AllowHtml]
    public string Description { get; set; }
    

提交回复
热议问题