AllowHtml not working for ASP.Net Mvc 3 site
We\'re trying to use the [AllowHtml] decoration on one of our ViewModel properties so that we can avoid the YSOD:
A potentially dangerous Request.Form
-
In his answer Darin is definitely onto something when he asks
So you gotta be doing something different than what I showed here. What is it?
I am guessing you have something else affecting the ASP.NET pipeline that is accessing the
FormCollectionprior to your[AllowHtml]being taken into account. Off the top of my head some common ASP.NET MVC OSS libraries that touch the pipeline are ELMAH, Glimpse, WebActivator, MvcContrib, there are many more but you get the idea.I have to believe you are using one of the tools above or something similar. Assuming you are make sure you are on the latest release of each and check their open bug reports.
Finally, a quick way to determine if its your code, your MVC instance or an OSS library would be to create a test project. Try creating a vanilla ASP.NET MVC project. Ensure that
AllowHtmlworks. Then add in your various OSS components until it breaks. Just be sure when you are adding in OSS components that the versions match what you are using in your current project.讨论(0) -
You gotta be doing something wrong. Unfortunately as you haven't shown your example we cannot know what you are doing wrong. So let me write you a full working example:
Model:
public class MyViewModel { [AllowHtml] public string RequestText { get; set; } }Controller:
public class HomeController: Controller { public ActionResult Index() { var model = new MyViewModel { RequestText = "<strong>Hello World</strong>"; }; return View(model); } [HttpPost] public ActionResult Index(MyViewModel model) { return View(model); } }View:
@model MyViewModel @using (Html.BeginForm()) { @Html.TextAreaFor(x => x.RequestText) <button type="submit">OK</button> }So you gotta be doing something different than what I showed here. What is it?
讨论(0)
加载中...
- 热议问题