Hello. I am writing the admin panel for the site, and there when adding an article xss filtering should be disabled, otherwise an error pops up. How to disable for this action or xss controller filtering?
- If anyone is interested, I found the answer here: hashcode.ru/questions/132615/… . The answer to this question did not work, but I accept it because of the absence of others. - Eriendel
- oneHe transferred his answer here, because here he has a place :) - Shad
|
3 answers
Apparently, the ValidateInputAttribute attribute should help you. It can be hung on separate methods of the controller ( actions ), or immediately on the entire controller. The constructor takes one parameter — enableValidation . I think the meaning is clear. However, in ASP.NET version 4 and higher, for this attribute to work correctly, it is necessary to change the request validation mode in Web.config:
<system.web> <httpRuntime requestValidationMode="2.0" /> </system.web> This needs to be done, because in the "4.0" mode the request is validated even before the " BeginRequest " phase of the HTTP request. Therefore, validation will begin before the ValidateInputAttribute attribute ValidateInputAttribute . Mode "2.0" will return the correct behavior.
Shad shad
3,338 15 22
|
I apologize, maybe I misunderstood the question and your comment about what worked and what didn't, but is this the attribute you need? [ValidateInput (false)]
hdimon hdimon
499 five 13
- Yes it is. - Eriendel 4:27 pm
|
For this field in the model, try to specify the type not string , but HtmlString .
Deleted
351 one five 13
AlekseyB AlekseyB
814 four eight
- And by the way does not work - Eriendel
|