I have a problem that seems like there should be a simple solution, but I haven't found it yet.

I have a pretty simple form that calls an action and passes it a FormCollection via HTTP POST.

The form works perfectly until I introduce < or > into the field. Then I end up on a blank page having skipped the Action altogether.

Need more information? Have any suggestions? Please help!

+2  A: 

Decorate your action with the `[ValidateInput(false)]` attribute.

Gregoire
Since this is going to be an internal application I may take this route but I am still curious and will explore the encoding route. Thanks!
Chompski
+1  A: 

You will want to encode these. AntiXSS has a library that encodes in a variety of ways (because encoding for HTML, URL, XML, attributes, etc. are all slightly different).

If you want to turn off security (not a good idea if you care about security), Hanselman has an article on that, too.

MatthewMartin
Appreciate the response. I have chosen the non-validation route at this time - since this is an internal app. But I plan on exploring your route later down the line. Thanks.
Chompski
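The two answers above combine into one pattern: turn request validation off for the single action that needs `<` and `>`, then encode the value for each context it is written into. The sketch below is an added example, not code from the thread; the controller name, action name, the `comment` field and the `/search` URL are hypothetical, and it uses the framework's built-in `HttpUtility` encoders where the AntiXSS library mentioned above could be substituted.

```csharp
using System.Web;
using System.Web.Mvc;

// Hypothetical controller; "Save" and the "comment" field are assumed names.
public class CommentController : Controller
{
    // Request validation is disabled for this action only, so the rest of
    // the application keeps the default rejection of markup in form posts.
    // On ASP.NET 4 with MVC 2 the attribute is honoured only when web.config
    // also sets <httpRuntime requestValidationMode="2.0" />.
    [AcceptVerbs(HttpVerbs.Post)]
    [ValidateInput(false)]
    public ActionResult Save(FormCollection form)
    {
        // Raw, untrusted text: may now contain <, >, quotes and ampersands.
        string raw = form["comment"] ?? string.Empty;

        // Keep the raw value for storage and encode at output time,
        // choosing the encoder that matches where the value lands.
        string asHtmlText  = HttpUtility.HtmlEncode(raw);          // element content
        string asAttribute = HttpUtility.HtmlAttributeEncode(raw); // quoted attribute value
        string asUrlPart   = HttpUtility.UrlEncode(raw);           // query-string value

        string page =
            "<p>You wrote: " + asHtmlText + "</p>" +
            "<input type=\"text\" name=\"comment\" value=\"" + asAttribute + "\" />" +
            "<a href=\"/search?q=" + asUrlPart + "\">Search for this text</a>";

        // The response is built from encoded pieces only; the raw string is
        // never concatenated into markup.
        return Content(page, "text/html");
    }
}
```

If the value is passed to a view instead, encode it there exactly once: a view syntax that already HTML-encodes (`<%: %>` or Razor's `@`) applied to a pre-encoded string produces double-encoded output.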