I am developing a personal 开发者_运维知识库blog in ASP.NET MVC 1.0. This blog application has Views like "Insert Post", "Edit Post", etc. I need to post a string containing HTML back to the appropriate controller method. That HTML value is being posted from a textarea.
I've read that it's necessary to disable ValidateRequest
directly on the page with the attribute ValidateRequest = "false"
or in the web.config file.
When I insert an HTML value in my textarea, I get always the error of 'potential value dangerous'.
How can I use ValidateRequest
to allow the form element containing HTML values to be posted?
For ASP.Net MVC, you have to use the ValidateInput(false) Attribute on your Controller action like so:
[ValidateInput(false)]
public ActionResult SaveBodyCopy(int? id, string richTextEditor1)
Then the rest of your Controller action.
精彩评论