如何跳过MVC中的ValidateRequest验证
大家好,又见面了,我是你们的朋友全栈君。
MVC中客户端传值到服务器端时,如果客户端字符串含有“</>”字样时就会报“检测到有潜在危险”的错误。
如:从客户端(“test<br/>ttt”)中检测到有潜在危险的 Request.Form 值。
解决办法:在对应的ActionResult 前面加上[ValidateInput(false)]就可以解决,去除验证。
下面是一个富文本的页面源码示例:
<%@ Page Language=”C#” MasterPageFile=”~/Views/Shared/Site.Master” Inherits=”System.Web.Mvc.ViewPage<SNDA.SPM.Web.Models.NewsModel>” %>
<%@ Register Assembly=”FredCK.FCKeditorV2″ Namespace=”FredCK.FCKeditorV2″ TagPrefix=”FCKeditorV2″ %>
<asp:Content ID=”Content2″ ContentPlaceHolderID=”head” runat=”server”>
<h2>UPS后台管理</h2>
<script src=”../../Scripts/jqui/jquery-1.4.2.js” type=”text/javascript”></script>
<script src=”../../Scripts/fckeditor.js” type=”text/javascript”></script>
<script src=”../../Scripts/jquery.validate.js” type=”text/javascript”></script>
</asp:Content>
<asp:Content ID=”Content1″ ContentPlaceHolderID=”MainContent” runat=”server”>
<script type=”text/javascript” language=”javascript”>
$(document).ready(function() {
var oFCKeditor = new FCKeditor(‘Content’);
oFCKeditor.ToolbarSet = “Wiki”;
oFCKeditor.ReplaceTextarea();
$(document.forms.item(0)).validate({
errorClass: “error”,
rules:
{
Title: “required”,
Content: “required”
},
messages:
{
Title: “*请输入新闻标题“,
Content: “*请输入新闻正文“
}
});
});
</script>
<div title=”软件包名“ style=”margin:10px 10px;“>
<table width=”100%” border=”0″ id=”elButton1″>
<tr>
<td width=”10%”>软件包名</td>
<td align=”left” style=”font-size:20px;font-weight:bold;“><%= Model.name%></td>
</tr>
<tr title=”新闻标题“>
<td>新闻标题</td>
<td>
<input type=”text” name=”Title” />
</td>
</tr>
<tr><td colspan=”2″>正文</td></tr>
<tr title=”正文“>
<td colspan=”2″>
<textarea name=”Content” id=”Content” cols=”60″ rows=”6″></textarea>
</td>
</tr>
<tr title=”Buttons” style=”height:34px;“>
<td valign=”bottom” align=”right”><input type=”submit” style=”width:80px;height:25px;“ value=”发布“ /></td>
<td>
<%= Html.ActionLink(” “, “Index”, new { id = Model.sid })%>
</td>
</tr>
</table>
</div>
</asp:Content>
发布者:全栈程序员栈长,转载请注明出处:https://javaforall.cn/144837.html原文链接:https://javaforall.cn
腾讯云开发者
