I am creating an ASP.NET MVC 4 application that includes <textarea>inside a form. This one has <textarea>been replaced with TinyMCE 4.x and works well on the client side.
However, since it is a WYSIWYG editor, it explicitly generated HTML. When the form is submitted to the server, I get this error from ASP.NET:
A potentially dangerous Request.Form value was detected from the client
(Description="<p>Test</p>").
Description: ASP.NET has detected data in the request that is potentially
dangerous because it might include HTML markup or script. The data might
represent an attempt to compromise the security of your application, such
as a cross-site scripting attack. If this type of input is appropriate in your
application, you can include code in a web page to explicitly allow it.
Exception Details: System.Web.HttpRequestValidationException: A potentially
dangerous Request.Form value was detected from the client
(Description="<p>Test</p>").
Source Error:
An unhandled exception was generated during the execution of the current web
request. Information regarding the origin and location of the exception can be
identified using the exception stack trace below.
I would like to disable HTML validation for this particular element, not anywhere else. I am not sure how to do this.
Can someone guide me?
Thank you for your time.
source
share