HTML编码与TextBoxFor MVC 4 [英] Html encoding with TextBoxFor MVC 4

问题描述

每当我上述＆lt输入任何内容;尖括号>（以及其他一些HTML syntaxy的东西）到我的 TextBoxFor 抛出一个异常

  @ Html.TextBoxFor（型号=＆GT; model.tags，新{@class =表格控，占位符=标签（逗号分隔）}）
 

  

从客户端检测到有潜在危险的Request.Form值（标签=）。

我明白这一点发生prevent不安全感和HTML编码/解码是解决我的问题，但我不知道如何实现它。

我读过在 TextBoxFor 默认完成HTML编码几个地方，但如果这是真的，为什么我会遇到这个问题？

解决方案

要prevent这个警告您必须提​​上了 [AllowHtml（）] 属性您的视图模型的标签属性。

Whenever I enter anything in < angle brackets > (as well as some other html syntaxy things) into my TextBoxFor an exception is thrown

@Html.TextBoxFor(model => model.tags, new { @class = "form-control", placeholder = "tags (comma separated)" })

A potentially dangerous Request.Form value was detected from the client (tags="").

I understand this occurs to prevent insecurities and that html encoding/decoding is the solution to my issue but I'm not sure how to implement it.

I've read in a few places that TextBoxFor does html encoding by default, but if that's true why am I having this issue?

解决方案

To prevent this warning your have to put the [AllowHtml()] attribute on the tags property of your viewmodel.

这篇关于HTML编码与TextBoxFor MVC 4的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！