I have a field that will need to ALLOW HTML. It's 100% valid and okay. When I post back from my application I get the following message:
A potentially dangerous Request.Fo开发者_运维技巧rm value was detected from the client (PowerSource.Text[0]="<p>A control im...").
To stop validation I added to my class as follows:
public class PowerSource
{
[System.Web.Mvc.AllowHtml]
public string[] Text { get; set; }
}
}
The problem is that it doesn't seem to work. I have done this for other fields and I believe it works okay. But not for the field above.
Does anyone have any suggestions? Do I need to mark this field as a data member or something like that?
Please note that I am using MVC3 and I understand validation is a bit different in this version.
The property you have decorated with the [AllowHtml]
attribute is an array (string[]
). It should be a simple string property for this to work:
[AllowHtml]
public string Text { get; set; }
Then in the view you could have a corresponding input field allowing the user to enter anything:
@Html.TextAreaFor(x => x.Text)
and finally when you submit to the following action there shouldn't be an exception:
[HttpPost]
public ActionResult Index(PowerSource model)
{
...
}
You have to add [ValidateInput(false)] in your controller, don't know if you can do this on the Model but it work for me in the controller.
[HttpPost]
[ValidateInput(false)]
public ViewResult Edit(Object obj)
{
}
精彩评论