asp.net-mvc Html.BeginForm() 工作正常,Html.BeginForm("action","controller") 忽略 [AllowHtmlAttribute]
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/16995835/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Html.BeginForm() works fine, Html.BeginForm("action","controller") ignores [AllowHtmlAttribute]
提问by Enrico Tirotta
I'm using TinyMCE editoron admin panel of my site, so i decorate the model properties (target of tinymce) with [AllowHtml]and i use Html.BeginForm()in views. When i submit form with HTML fields all work fine.
我在我网站的管理面板上使用TinyMCE 编辑器,所以我用[AllowHtml]装饰模型属性(tinymce 的目标),并在视图中使用Html.BeginForm()。当我提交带有 HTML 字段的表单时,一切正常。
But i have a problem if i use the overload Html.BeginForm("action","controller")in the same way, it skips the [AllowHtml]and throw the well-know Request.form exception. I'm forced to use [ValidateInput(false)]on Action-Method to make it work without exception. Do you know why? Thanks in advance for the clarification,
但是如果我以相同的方式使用重载Html.BeginForm("action","controller"),我会遇到问题,它会跳过[AllowHtml]并抛出众所周知的 Request.form 异常。我被迫在 Action-Method 上使用[ValidateInput(false)]以使其无一例外地工作。你知道为什么吗?预先感谢您的澄清,
This is the scenario / Project: Asp.net Mvc 4:
这是场景/项目:Asp.net Mvc 4:
Model / Ricetta.cs
模型/Riceetta.cs
..
[Required(ErrorMessage = "Corpo Articolo vuoto")]
[AllowHtml]
public string corpoTesto { get; set; }
..
Controller / RicetteController.cs
控制器/RicetteController.cs
..
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Create(RicettaViewModel modelloRicetta)
{
if (ModelState.IsValid) {
..
View Ricette/CreateCalled from another Action Method in RicetteController as View("Create", modelObject)
从RicetteController 中的另一个操作方法调用的视图 Ricette/Create作为 View("Create", modelObject)
@model WebAPP_MVC4.Areas.Admin.Models.RicettaViewModel
...
@using (Html.BeginForm("Create","Ricette",FormMethod.Post)){
@Html.AntiForgeryToken()
@Html.ValidationSummary(true)
....
<fieldset>
<legend>Corpo Ricetta ~</legend>
<div class="editor-label">
@Html.LabelFor(p=>p.ricetta.corpoTesto)
</div>
<div class="editor-field">
@Html.TextAreaFor(p=>p.ricetta.corpoTesto, new { @cols = 60, @rows = 20})
@Html.ValidationMessageFor(p=>p.ricetta.corpoTesto)
</div>
</fieldset>
..
回答by Adam ?epkowski
I made quick test and everything works perfectly there is no difference in behavior between Html.BeginForm() and Html.BeginForm("action","controller"). Maybe the reason of this issue is in the source code which you didn't show us.
Below my code(works):
VieModel:
我进行了快速测试,一切正常,Html.BeginForm() 和 Html.BeginForm("action","controller") 之间的行为没有区别。也许这个问题的原因在于你没有向我们展示的源代码。
在我的代码下面(工作):
VieModel:
public class PostViewModel
{
[AllowHtml]
[Required]
public string Content { get; set; }
}
Controller:
控制器:
public ActionResult Index()
{
return View("Create", new PostViewModel());
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Create(PostViewModel model)
{
if (ModelState.IsValid)
{
return Index();
}
return View(model);
}
View:
看法:
@model SendHTmlTpControler.Models.PostViewModel
<html>
<head>
<script src="~/Scripts/tinymce/tiny_mce.js"></script>
<script type="text/javascript">
tinymce.init({
selector: "textarea",
toolbar: "insertfile undo redo | styleselect | bold italic | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link image"
});
</script>
</head>
<body>
<h2>Create</h2>
@using (Html.BeginForm("Create", "Home", FormMethod.Post))
{
@Html.AntiForgeryToken()
@Html.ValidationSummary(true)
<div class="editor-label">
@Html.LabelFor(model => model.Content)
</div>
<div class="editor-field">
@Html.TextAreaFor(model => model.Content, new { @cols = 60, @rows = 20 })
@Html.ValidationMessageFor(model => model.Content)
</div>
<p>
<input type="submit" value="Save" />
</p>
}
</body>
</html>
