我的视图引擎是 ASPX。
如何对文本框中的 HTML 标签进行编码/解码?我在内容中使用了 HTML 标签,
以使其更具可读性。我尝试了 validateRequest 和 htmlDecode(freqQuestion.Answer),但都没有成功,始终收到同样的错误信息:
“/管理员”应用程序中的服务器错误。
从客户端检测到潜在危险的 Request.Form 值(QuestionAnswer="...ics 电话:
123-456-7890
说明:请求验证检测到潜在危险的客户端输入值,请求的处理已中止。此值可能表示有人试图破坏您的应用程序的安全性,例如跨站点脚本攻击。要允许页面覆盖应用程序的请求验证设置,请将 httpRuntime 配置节中的 requestValidationMode 属性设置为 requestValidationMode="2.0"。例如:<httpRuntime requestValidationMode="2.0" />。设置此值后,您可以通过在 Page 指令或配置节中设置 validateRequest="false" 来禁用请求验证。但是,强烈建议您的应用程序在这种情况下显式检查所有输入。有关详细信息,请参阅 http://go.microsoft.com/fwlink/?LinkId=153133。
View Page
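<%@ Page Title="" Language="C#" MasterPageFile="~/Views/Shared/Site.Master" validateRequest="false" Inherits="System.Web.Mvc.ViewPage<dynamic>" %>
<%-- NOTE(review): validateRequest="false" on this directive applies to the view page only.
     The form posts to a controller action, and MVC runs request validation there, so this
     attribute does not remove the "potentially dangerous Request.Form value" error.
     Whether HTML is accepted is decided on the action (or on the bound model property). --%>
<asp:Content ID="Content1" ContentPlaceHolderID="TitleContent" runat="server">
    EditFreqQuestionsUser
</asp:Content>
<asp:Content ID="Content2" ContentPlaceHolderID="MainContent" runat="server">
    <script type="text/javascript">
        $(document).ready(function () {
            $("#freqQuestionsUserUpdateButton").click(function () {
                $("#updateFreqQuestionsUser").submit();
            });
        });
    </script>
    <h2>Edit Freq Questions User </h2>
    <%-- Fall back to an empty entity so the form still renders when the controller supplied none. --%>
    <%Administrator.DarkstarAdminProductionServices.FreqQuestionsUser freqQuestionsUser = ViewBag.freqQuestionsUser != null ? ViewBag.freqQuestionsUser : new Administrator.DarkstarAdminProductionServices.FreqQuestionsUser(); %>
    <form id="updateFreqQuestionsUser" action="<%: Url.Action("SaveFreqQuestionsUser", "Prod") %>" method="post">
        <%-- Emits the anti-forgery token; it is enforced only once the POST action is marked
             [ValidateAntiForgeryToken]. --%>
        <%: Html.AntiForgeryToken() %>
        <table>
            <tr>
                <td colspan="3" class="tableHeader">Freq Questions User Details <input type="hidden" value="<%: freqQuestionsUser.freqQuestionsUserId %>" name="freqQuestionsUserId" /> </td>
            </tr>
            <tr>
                <td colspan="2" class="label">Question Description:</td>
                <td class="content">
                    <%-- <%: %> HTML-encodes the stored text, so quotes or angle brackets in it
                         cannot close the value attribute and inject markup. --%>
                    <input type="text" maxlength="2000" name="QuestionDescription" value="<%: freqQuestionsUser.questionDescription %>" />
                </td>
            </tr>
            <tr>
                <td colspan="2" class="label">QuestionAnswer:</td>
                <td class="content">
                    <%-- HtmlDecode turns a stored, encoded answer back into raw tags for editing.
                         Writing that raw text with <%= %> would put it into the page unescaped,
                         so the decoded value is re-encoded for the attribute by <%: %>; the
                         browser still shows the tags as text inside the textbox. --%>
                    <input type="text" maxlength="2000" name="QuestionAnswer" value="<%: Server.HtmlDecode(freqQuestionsUser.questionAnswer) %>" />
                </td>
            </tr>
            <tr>
                <td colspan="3" class="tableFooter">
                    <br />
                    <a id="freqQuestionsUserUpdateButton" href="#" class="regularButton">Save</a>
                    <a href="javascript:history.back()" class="regularButton">Cancel</a>
                </td>
            </tr>
        </table>
    </form>
</asp:Content>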
控制器
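/// <summary>
/// Saves the edited description and answer of an existing frequently-asked-question entry
/// and redirects to the search page for that entry.
/// </summary>
/// <param name="QuestionDescription">Posted question text; stored as received.</param>
/// <param name="QuestionAnswer">Posted answer text; stored as received.</param>
/// <returns>
/// A redirect to SearchFreqQuestionsUser, or HTTP 400 when the posted id is not a valid GUID.
/// </returns>
// NOTE(review): the "potentially dangerous Request.Form value" error is raised by MVC request
// validation for this action; validateRequest="false" on the view's Page directive does not
// govern it. Accepting markup in QuestionAnswer means opting out here with [ValidateInput(false)]
// (or [AllowHtml] on a bound model property). Once that is done, nothing else filters the value:
// restrict it to an allow-list of tags before saving, and HTML-encode or sanitize it wherever it
// is rendered, otherwise the stored answer becomes a stored cross-site-scripting vector.
// NOTE(review): this action changes data but carries neither [HttpPost] nor
// [ValidateAntiForgeryToken]; add both together with Html.AntiForgeryToken() in the form.
[AuthorizeAttribute(AdminRoles = "EditFreqQuestionsUser")]
public ActionResult SaveFreqQuestionsUser(string QuestionDescription, string QuestionAnswer)
{
    // A missing id keeps the Guid.Empty fallback; a malformed id is answered with 400 instead of
    // letting new Guid(...) throw an unhandled FormatException.
    string postedId = Request.Form["freqQuestionsUserId"];
    Guid freqQuestionsUserId = Guid.Empty;
    if (postedId != null && !Guid.TryParse(postedId, out freqQuestionsUserId))
    {
        return new HttpStatusCodeResult(400);
    }

    // Load the existing entry that is being edited.
    // NOTE(review): [0] throws when the lookup returns nothing, and what the lookup returns for
    // Guid.Empty is not visible here; confirm it cannot select an unrelated record.
    AdminProductionServices.FreqQuestionsUser freqqQuestionsUser =
        Administrator.Models.AdminProduction.FreqQuestionsUser.LoadFreqQuestionsUser(freqQuestionsUserId, string.Empty, string.Empty)[0];

    freqqQuestionsUser.questionDescription = QuestionDescription;
    freqqQuestionsUser.questionAnswer = QuestionAnswer;

    // Persist the modified entry.
    Administrator.Models.AdminProduction.FreqQuestionsUser.addFreqQuestionsUser(freqqQuestionsUser);

    return RedirectToAction("SearchFreqQuestionsUser", "Prod", new { FreqQuestionsUserId = freqQuestionsUserId });
}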