我有一个具有此属性的模型:
[AllowHtml]
[DisplayName("Widget for Table")]
[StringLength(1000, ErrorMessage = "Maximum chars 1000")]
[DataType(DataType.Html)]
public object TableWidget { get; set; }
下面是 Controller 中的创建方法:
//
// GET: /Admin/Table/Create
public ActionResult Create(int id)
{
Season season = _seasonRepository.GetSeason(id);
var table = new Table
{
SeasonId = season.SeasonId
};
return View(table);
}
//
// POST: /Admin/Table/Create
[HttpPost]
public ActionResult Create(Table a)
{
if (ModelState.IsValid)
{
_tableRepository.Add(a);
_tableRepository.Save();
return RedirectToAction("Details", "Season", new { id = a.SeasonId });
}
return View();
}
最后是我的观点:
@model Stridh.Data.Models.Table
@using (Html.BeginForm())
{
@Html.ValidationSummary(true)
<fieldset>
<legend>Fields</legend>
<div class="editor-label">
@Html.LabelFor(model => model.Name)
</div>
<div class="editor-field">
@Html.EditorFor(model => model.Name) @Html.ValidationMessageFor(model => model.Name)
</div>
<div class="editor-label">
@Html.LabelFor(model => model.TableURL)
</div>
<div class="editor-field">
@Html.EditorFor(model => model.TableURL) @Html.ValidationMessageFor(model => model.TableURL)
</div>
<div class="editor-label">
@Html.LabelFor(model => model.SortOrder)
</div>
<div class="editor-field">
@Html.EditorFor(model => model.SortOrder) @Html.ValidationMessageFor(model => model.SortOrder)
</div>
<div class="editor-label">
@Html.LabelFor(model => model.TableWidget)
</div>
<div class="editor-field">
@Html.EditorFor(model => model.TableWidget) @Html.ValidationMessageFor(model => model.TableWidget)
</div>
<div class="editor-label invisible">
@Html.LabelFor(model => model.SeasonId)
</div>
<div class="editor-field invisible">
@Html.EditorFor(model => model.SeasonId)
</div>
<p>
<input type="submit" value="Create" />
</p>
</fieldset>
}
当我添加一个没有 html 的“正常”消息时,一切都保存正常,但在保存时显示一个潜在危险的 Request.Form...
另一件奇怪的事情是我让这个 [AllowHtml] 在另一个模型类中工作。我找不到为什么这会给我带来麻烦。需要你的帮助。 :-)
最佳答案
您使用 AllowHtml
的方式应该可行。确保您没有在代码中的其他任何地方( Controller 、过滤器等)访问 HttpRequest.Form
集合,因为这会触发 ASP.NET 请求验证和您看到的错误。如果您确实想要访问该变量,那么您应该通过以下代码访问它。
using System.Web.Helpers;
HttpRequestBase request = .. // the request object
request.Unvalidated().Form;
关于c# - AllowHtml 属性不起作用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/4861927/