动态HTML内容 - ＆QUOT;从客户端英寸时检测到有潜在危险的Request.Form值; [英] Dynamic HTML content - "A potentially dangerous Request.Form value was detected from the client"

查看：105 发布时间：2016/6/12 20:22:28 c# asp.net asp.net-mvc asp.net-mvc-3

本文介绍了动态HTML内容 - ＆QUOT;从客户端英寸时检测到有潜在危险的Request.Form值;的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我使用MVC 3和剃刀。

I'm using MVC 3 and Razor.

我有一个页面，你可以创建一个供应商。在前端，一个供应商的页面有三件事情：名称，描述（HTML），和包含HTML多个标签。我的客户想要的选项卡是动态的，他们希望能够当他们增加一个供应商添加/编辑/删除选项卡和内容。

I have a page where you can create a Vendor. On the front-end, a vendor's page has 3 things: A name, a description (HTML), and multiple tabs that contain HTML. My client wants the tabs to be dynamic, they want to be able to add/edit/delete tabs and content when they add a vendor.

因此，这里是我的数据库设计：

So here's my database design:

Vendors
-------------------
VendorID (PK)
Name
Description

VendorTabs
-------------------
VendorTabID (PK)
VendorID (FK)
Title
Content

下面是我的视图模型：

public class VendorViewModel
{
    [ScaffoldColumn(false)]
    public int VendorId { get; set; }

    public string Name { get; set; }

    [AllowHtml]
    public string Description { get; set; }
}

和我的控制器POST方法：

And my controller post method:

[HttpPost]
public ActionResult Create(VendorViewModel viewModel, string[] tabTitles, string[] tabContent)
{
    var vendor = new Vendor();
    vendor.Name = viewModel.Name;
    vendor.Description = viewModel.Description;

    if (ModelState.IsValid)
    {
        for (int i = 0; i < tabTitles.Length; i++)
        {
            vendor.VendorTabs.Add(new VendorTab
            {
                VendorID = vendor.VendorID,
                Title = tabTitles[i],
                Content = tabContent[0]
            });
        }

        _vendorsRepository.SaveVendor(vendor);

        return RedirectToAction("Index");
    }

    return View(viewModel);     // validation error, so redisplay same view
}

在我看来，我有功能动态添加/删除字段标签标题和标签说明。他们通过阵列 tabTitles 和 tabContent 传递给控制器。但是，当我在动态标签的内容发布形式HTML，我得到以下错误：

In my view, I have functionality to dynamically add/remove fields for a tab title and a tab description. They are passed to the controller through the arrays tabTitles and tabContent. But when I post the form with HTML in the dynamic tab content, I get the following error:

从客户端检测到有潜在危险的Request.Form值

A potentially dangerous Request.Form value was detected from the client

我就遇到了这个问题之前，与我的供应商描述字段。经过一番研究，我看到了，我可以添加 AllowHtml 注释。

I ran into this problem before, with the Description field for my Vendor. After some research, I saw that I can add the AllowHtml annotation.

如何申请相同的功能，以我的动态内容？

How can I apply the same functionality to my dynamic content?

推荐答案

而不是阵列 tabTitle 和 tabContent ，构建您的视图模型的方式，你可以把 AllowHtmlAttribute 上，可以采取在用户内容的每个个人财产，然后就包括对这些在你要绑定的型号列表查看到

instead of arrays tabTitle and tabContent, structure your viewmodel in a way that you can put the AllowHtmlAttribute on each individual property that could take in user content, and then just include a List of these in the Model you are binding the View to

public class TabViewModel
{
    [AllowHtml]
    public string Title { get; set; }

    [AllowHtml]
    public string Content { get; set; }
}

这篇关于动态HTML内容 - ＆QUOT;从客户端英寸时检测到有潜在危险的Request.Form值;的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

动态HTML内容 - ＆QUOT;从客户端英寸时检测到有潜在危险的Request.Form值; [英] Dynamic HTML content - "A potentially dangerous Request.Form value was detected from the client"

问题描述

推荐答案

相关文章

C#/.NET最新文章

热门教程

热门工具

登录关闭

动态HTML内容 - ＆QUOT;从客户端英寸时检测到有潜在危险的Request.Form值; [英] Dynamic HTML content - &quot;A potentially dangerous Request.Form value was detected from the client&quot;

问题描述

推荐答案

相关文章

C#/.NET最新文章

热门教程

热门工具

登录 关闭

动态HTML内容 - ＆QUOT;从客户端英寸时检测到有潜在危险的Request.Form值; [英] Dynamic HTML content - "A potentially dangerous Request.Form value was detected from the client"

登录关闭