A potentially dangerous Request.Form value was detected from the client

Question

Every time a user posts something containing < or > in a page in my web application, I get this exception thrown.

I don\'t want to go

Answer 1

In ASP.NET MVC (starting in version 3), you can add the AllowHtml attribute to a property on your model.

It allows a request to include HTML markup during model binding by skipping request validation for the property.

[AllowHtml]
public string Description { get; set; }