HTML编码与TextBoxFor MVC 4 [英] Html encoding with TextBoxFor MVC 4
问题描述
每当我上述&lt输入任何内容;尖括号>(以及其他一些HTML syntaxy的东西)到我的 TextBoxFor
抛出一个异常
@ Html.TextBoxFor(型号=> model.tags,新{@class =表格控,占位符=标签(逗号分隔)})
从客户端检测到有潜在危险的Request.Form值(标签=)。
块引用>我明白这一点发生prevent不安全感和HTML编码/解码是解决我的问题,但我不知道如何实现它。
我读过在
TextBoxFor
默认完成HTML编码几个地方,但如果这是真的,为什么我会遇到这个问题?解决方案要prevent这个警告您必须提上了
[AllowHtml()]
属性您的视图模型的标签属性。Whenever I enter anything in < angle brackets > (as well as some other html syntaxy things) into my
TextBoxFor
an exception is thrown@Html.TextBoxFor(model => model.tags, new { @class = "form-control", placeholder = "tags (comma separated)" })
A potentially dangerous Request.Form value was detected from the client (tags="").
I understand this occurs to prevent insecurities and that html encoding/decoding is the solution to my issue but I'm not sure how to implement it.
I've read in a few places that
TextBoxFor
does html encoding by default, but if that's true why am I having this issue?解决方案To prevent this warning your have to put the
[AllowHtml()]
attribute on the tags property of your viewmodel.这篇关于HTML编码与TextBoxFor MVC 4的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!