我正在创建一个 ASP.NET MVC 4 应用程序,其中包含 <textarea>在一个表格里面。这<textarea>已替换为 TinyMCE 4.x它在客户端运行良好。
但是,由于这是一个所见即所得的编辑器,它显然生成了 HTML。将表单提交到服务器时,我从 ASP.NET 收到此错误:
A potentially dangerous Request.Form value was detected from the client
(Description="<p>Test</p>").
Description: ASP.NET has detected data in the request that is potentially
dangerous because it might include HTML markup or script. The data might
represent an attempt to compromise the security of your application, such
as a cross-site scripting attack. If this type of input is appropriate in your
application, you can include code in a web page to explicitly allow it.
Exception Details: System.Web.HttpRequestValidationException: A potentially
dangerous Request.Form value was detected from the client
(Description="<p>Test</p>").
Source Error:
An unhandled exception was generated during the execution of the current web
request. Information regarding the origin and location of the exception can be
identified using the exception stack trace below.
我想关闭这个特定元素的 HTML 验证,而不是其他地方。我不确定我该怎么做。
有人可以指导我吗?
感谢您的宝贵时间。
最佳答案
使用AllowHtml仅针对特定属性禁用请求验证的属性:
[AllowHtml]
public string YourProperty { get; set; }
您可以在此处找到详细说明:Request Validation in ASP.NET
关于c# - ASP.NET MVC 4 和 WYSIWYG 编辑器验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/23504594/