Last post Jun 13, 2011 04:50 AM by Mikesdotnetting
Jun 11, 2011 11:15 PM|Scal|LINK
String messageContent = Server.HtmlEncode(Request["messageContent"]);
I still get an System.Web.HttpRequestValidationException. Do I have to set the validation request to false in Razor? If so, can I do it at page level and how? I know how for "regular" C# code in the <%@ Page %> directive but couldn't find how for Razor.
Jun 12, 2011 06:44 AM|Mikesdotnetting|LINK
You can exclude individual form fields from Request Validation by using the Validation.Exclude method on them. If you want to display the result as HTML, output it using Html.Raw(), or you might want to filter it for nasty html first. The HTML Input And
XSS Attacks section of this article should help:
Jun 12, 2011 08:01 AM|Scal|LINK
was what I was looking for.
Jun 12, 2011 10:12 PM|Scal|LINK
Validation.Exclude() requires a specific namespace?
Jun 13, 2011 04:50 AM|Mikesdotnetting|LINK
Sorry - I should update that article. It was changed to Request.Unvalidated:
var formfield = Request.Unvalidated("formfield");