你是如何处理换行符在HTML恩codeD MVC看法? [英] How do you handle line breaks in HTML Encoded MVC view?
问题描述
我不能确定的处理是最好的方法。在我的索引视图我显示包含在 TempData的消息[消息] 。这让我从另一个动作来时(例如显示某些错误或信息性消息给用户,如果用户试图进入编辑操作时,他们用不上,就踢回给指数与消息您无权编辑这个数据)。
I am unsure of the best way to handle this. In my index view I display a message that is contained in TempData["message"]. This allows me to display certain error or informational messages to the user when coming from another action (for example, if a user tries to enter the Edit action when they don't have access, it kicks them back to the Index with a message of "You are not authorized to edit this data").
在此之前显示消息,我跑 Html.En code(TempData的[消息])。不过,我最近接触到的地方为较长的消息我希望能够通过换行来行分离出来的问题(< BR> )。不幸的是(显然),在< BR> 获得EN codeD由 Html.En code 所以它不会导致实际的换行符。
Prior to displaying the message, I run Html.Encode(TempData["message"]). However, I have recently come into the issue where for longer messages I want to be able to separate the lines out via line breaks (<br>). Unfortunately (and obviously), the <br> gets encoded by Html.Encode so it doesn't cause an actual line break.
我如何工艺路线正确打破在HTML恩codeD字符串?
How do I process line breaks correctly in Html Encoded strings?
推荐答案
我和@罗杰的评论表示赞同 - 确实没有任何需要连接code什么,你有完全控制
I agree with @Roger's comment - there is not really any need to encode anything that you have total control over.
如果您仍然希望比有备无患(这不是一件坏事),你可以使用的微软AntiXss库,并使用 .GetSafeHtmlFragment(输入)法 - 看到<一个href=\"http://blogs.msdn.com/b/securitytools/archive/2009/09/01/html-sanitization-in-anti-xss-library.aspx\"相对=nofollow> HTML清理防XSS库
If you still wish to be better safe than sorry (which isn't a bad thing), you could use the Microsoft AntiXss library and use the .GetSafeHtmlFragment(input) method - see HTML Sanitization in Anti-XSS Library
例如
<%= AntiXss.GetSafeHtmlFragment(TempData["message"]) %>
这篇关于你是如何处理换行符在HTML恩codeD MVC看法?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
