All geek questions in one place

How can I access unapproved items in the Request.Form collection in MVC 3

I am using ASP.NET MVC 3 with .NET 4.0. I have a model for which one of the properties requires HTML content to be allowed. I put the AllowHtml attribute in a model property that allows HTML on this property. It works on its own.

I also use the Uploadify Flash downloader on other parts of my site. Due to issues with flash and sessions, I use code similar to the code in the swfupload example to allow my file to load access to session data. Basically, I access the Request.Form collection directly in the Application_BeginRequest handler.

The problem I ran into is that when a form that allows HTML is created, I get an HttpRequestValidationException when the code in the Application_BeginRequest handler accesses the Request.Forms[key] collection.

As I said at the beginning, I tried the AllowHtml attribute. I also tried disabling validation at the action and controller level using the ValidateInput(false) attribute, but I believe that I am too early in the request life cycle for those that are applicable. Is there anyway access to the Request.Form collection containing "potentially dangerous" data without disabling request validation for the entire site?

+4
source share
2 answers

You ask about something like this: Check request with Request.Unvalidated () in ASP MVC 3 RC and .NET 4 ?

 Request.Unvalidated().Params[""]
+5
source

For the record, another way to do this is to create an unapproved object:

 var unvalidatedRequest = System.Web.Helpers.Validation.Unvalidated(Request);

Then you need to access the unvalidatedRequest object, rather than repeating Unvalidated() several times.

The Validation.Unvalidated method has various overloads.

0
source

Source: https://habr.com/ru/post/1434712/

More articles:


All Articles