ASP.NET MVC ValidateInput(假)停止与XVAL和[RegularEx pression] DataAnnotation工作 [英] ASP.NET MVC ValidateInput(false) stops working with xVal and [RegularExpression] DataAnnotation
问题描述
我想拦截<字符的形式以一个正则表达式验证器。我将描述在3个步骤的问题:
第1步:当我试图提交表单包含的字段<性格,我得到的潜在危险的请求...... - 如预期在ASP.NET
。第2步:为了避免ASP.NET的RequestValidation,我装饰我的更新方法与控制器[ValidateInput(假)。
据按预期工作 - 现在我可以张贴<性格没有错误。
第3步:我用XVAL与DataAnnotations。例如,[要求]或[StringLength(255)按预期工作。
但是当我使用:
[RegularEx pression (^ [^<>] * $的ErrorMessage =特殊字符不准),我得到的潜在dangeros的请求......错误再次,尽管[ValidateInput(假)指令。
这是怎么回事?是否有正则表达式validaton一个简单的方法,但与[ValidateInput(假)]代替?当然,我想有我的验证code的模式,而不是在控制器中。
没有,那是在MVC 1 + XVAL的问题。
在MVC 2的验证工作原理
应该(而且也没有必要XVAL
再) - Alex42
块引用>看起来像机器人不断推动这一顶端依然。你可以标记一个答案,接受这样它才能知道?
I would like to intercept the "<" character in the form field by a regex validator. I will describe the problem in 3 steps:
Step 1: When I try to submit a form with a field containing the "<" character, I get the "Potentially dangerous request..." - as expected in ASP.NET.
Step 2: To avoid ASP.NET's RequestValidation, I decorate my Update method in the controller with "[ValidateInput(false)]".
It works as expected - now I can post "<" character without error.
Step 3: I use xVal with DataAnnotations. For example, [Required] or [StringLength(255)] works as expected.
BUT when I use: [RegularExpression("^[^<>]*$", ErrorMessage = "Special characters are not allowed.")], I get the "Potentially dangeros request..." error again, despite the [ValidateInput(false)] directive.
What's happening? Is there a simpler way for regex validaton, but with [ValidateInput(false)] in place? Of course, I'd like to have my validation code in the model, not in the controller.
解决方案No, it was an issue in MVC 1 + xVal. In MVC 2 the validation works as supposed (and there's no need for xVal anymore) – Alex42
Looks like the bot keeps on pushing this one to the top still. Could you mark an answer as accepted so that it knows?
这篇关于ASP.NET MVC ValidateInput(假)停止与XVAL和[RegularEx pression] DataAnnotation工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!