MVC Allow Html String
AllowHtml Attribute to allow html string in mvc 4 application
Whenever you are trying to enter html data in text box or textarea input box from, when you submit from following error get.Server Error in ‘/’ Application.
A potentially dangerous Request.Form value was detected from the client
Description: ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. The data might represent an attempt to compromise the security of your application, such as a cross-site scripting attack. If this type of input is appropriate in your application, you can include code in a web page to explicitly allow it. For more information, see http://go.microsoft.com/fwlink/?LinkID=212874.
There are two options to resolve this error.
Options 1: Using [AllowHtml] attribute (Recommended way)
Make use of [AllowHtml] attribute on model field you want to allow html input. (Recommended way)
using System.Web.Mvc; public class BlogPost { public string Title { get; set; } [AllowHtml] public string Content { get; set; } }
Options 2: [ValidateInput(false)] on controller method (non recommended way), because it will not validate any others input field.
[HttpPost] [ValidateInput(false)] public ActionResult Create(BlogPost model) { ViewBag.HtmlContent = model.Content; return View(model); }
MVC Allow Html String
Reviewed by Bhaumik Patel
on
7:30 AM
Rating: