MVC2 application with Ckeditor "potentially dangerous Request.Form

谁都会走 提交于 2019-12-24 00:43:40

问题


I'm getting the "Potentially dangerous Request.Form request value was detected from the client" exception when im using my FCK editor.

How could encode before submit the form, or disable this validation without disable the Data Anotations validation?

This is the code of my view:

 <% using (Html.BeginForm()) {%>
        <%: Html.ValidationSummary("Please complete in a right way the fields below.") %>

        <fieldset>
            <legend>Fields</legend>
            <div class="editor-field">
                <%: Html.LabelFor(e => e.Name)%>
                <%: Html.TextBoxFor(e => e.Name)%>
                <%: Html.ValidationMessageFor(e => e.Name)%>
            </div>
            <div class="editor-field">
                <%: Html.LabelFor(e => e.Teaser) %>
                <%: Html.TextAreaFor(e => e.Teaser)%>
                <%: Html.ValidationMessageFor(e => e.Teaser)%>
            </div>
            <div class="editor-field">
                <%: Html.LabelFor(e => e.Description) %>
                <%: Html.TextAreaFor(e => e.Description)%>
                <%: Html.ValidationMessageFor(e => e.Description)%>
            </div>
            <p>
                <input type="submit" />
            </p>
        </fieldset>

    <% } %>

<script type="text/javascript">
   //<![CDATA[
   // This call can be placed at any point after the
   // <textarea>, or inside a <head><script> in a
   // window.onload event handler.
   // Replace the <textarea id="xxxxxx"> with an CKEditor
   // instance, using default configurations.
   CKEDITOR.replace("Description");
   //]]>
</script>

Thanks a lot in advance.


回答1:


<httpRuntime requestValidationMode="2.0" />

Check: Request Validation - ASP.NET MVC 2




回答2:


[script type="text/javascript" src="/ckeditor/_source/core/editor.js"][/script]

CKEDITOR.config.htmlEncodeOutput = true;




回答3:


If you are working with the FCK editor or CKeditor you do not need to deal with the "requestValidationMode". As it will be applied on the entire application. You can just do the followings:

CKEDITOR.replace('Description', { toolbar: '1', htmlEncodeOutput: true});

Then in the controller:

model.Body = System.Net.WebUtility.HtmlDecode(model.Body);



回答4:


config.htmlEncodeOutput

But it might be easier to use a .Net wrapper for CKEditor.



来源:https://stackoverflow.com/questions/3475896/mvc2-application-with-ckeditor-potentially-dangerous-request-form

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!