Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
 
  • Html submission by AllowHtml attribute in MVC4

    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 353
    Comment on it

    Html submission by AllowHtml attribute in MVC4

     

    ASP.NET MVC  does not allow HTML submission by default due to Cross Site Scripting attack in application. AllowHtml Attribute can be used for submitting the form with HTML content.

     

    AllowHtml attribute

     

    AllowHtml attribute allows submission of Html value for a particular property instead of enabling Html value for all properties. AllowHtml attribute is added to model property as a result the input validation for that particular property only will be bypassed. The AllowHtml declaration explicitly provides more security to the application than ValidateInput attribute.

     

    Example of declaring AllowHtml attribute for a particular property in model :-

     

    Declaring a model in ASP.NET Mvc :-

     

    using System.ComponentModel.DataAnnotations;
    using System.Web.Mvc;
     
    public class StudentModel
    {
     [Required]
     [Display(Name = "Student Name")]
     public string Name { get; set; }
     
     [AllowHtml]
     [Required]
     [Display(Name = "Description")]
     public string Description{ get; set; }
    } 

     

    In above example, the user will now able to submit the form with Html content only in Description property. Thus AllowHtml attribute allows Html content submission for a property instead of all properties making the application safer.

 0 Comment(s)

Sign In
                           OR                           
                           OR                           
Register

Sign up using

                           OR                           
Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: