Last post Jun 13, 2011 05:50 AM by Mikesdotnetting
Jun 12, 2011 12:15 AM|Scal|LINK
String messageContent = Server.HtmlEncode(Request["messageContent"]);
I still get an System.Web.HttpRequestValidationException. Do I have to set the validation request to false in Razor? If so, can I do it at page level and how? I know how for "regular" C# code in the <%@ Page %> directive but couldn't find how for Razor.
Jun 12, 2011 07:44 AM|Mikesdotnetting|LINK
You can exclude individual form fields from Request Validation by using the Validation.Exclude method on them. If you want to display the result as HTML, output it using Html.Raw(), or you might want to filter it for nasty html first. The HTML Input And
XSS Attacks section of this article should help:
Jun 12, 2011 09:01 AM|Scal|LINK
was what I was looking for.
Jun 12, 2011 11:12 PM|Scal|LINK
Validation.Exclude() requires a specific namespace?
Jun 13, 2011 05:50 AM|Mikesdotnetting|LINK
Sorry - I should update that article. It was changed to Request.Unvalidated:
var formfield = Request.Unvalidated("formfield");