I'm trying to deserialize a JSO开发者_JAVA技巧N object in c#, my problem is that one of the fields can contain html text (I plan on sanitizing it afterwards).
I’m using a JavaScriptSerializer object to deserialize, but I’m getting a “Invalid object passed in“ error (from the JavaScriptSerializer). If I pass plain text for that same field it works fine and the other fields (including a date and an array) in the object also deserialize correctly so it seems like the html is what’s tripping it up.
I’m using JSON.stringify to serialize the Javascript object and I’m passing it to my page via jQuery.
Is there something I’m supposed to do to in order to pass a string that contains html? I’ve tried enclosing it in quotes, but it didn’t help.
As an example of a string that's accepted vs what throws an error: "Test" is fine while
"<div style="text-align: center;">Test</div>"
is not.
Strangely <span>
tags also seem to be fine.
Can you encode the html with the javascript escape()
function before serializing.
You may have to encodeURIComponent in javascript, then HttpServerUtility.UrlDecode in .NET
You can't pass in HTML characters that aren't encoded for security reasons. You can override this in MVC.Net at the application of function level if you feel secure in your source.
just do some replace like this
jsonString.Replace(@"=""\""",@"=\""\""").Replace(@"\""""",@"\""\""").Replace(@"=""""", @"=\""\""")
精彩评论