1

If anyone can help me that would be great. I'm trying to submit any changes without getting the...

"A potentially dangerous Request.Form value was detected from the client.

I'm using tinyMCE with my project and if I enter any content that has any HTML characters I get the above message

I have tried various solutions here on Stackoverflow and elsewhere but they didn't work for me. The last solution I tried was here

Another site that looked promosing but without luck...

I haven't done any development for a while so I'm a tad rusty and not sure what you'll need until you ask.

Thank you

NickP
  • 357
  • 1
  • 7
  • 18

1 Answers1

1

Use Request.Unvalidated to reference your textarea in your code block:

var html = Request.Unvalidated("myTextArea");

If you want to output whatever the user submitted, and you wanted the browser to respect the HTML markup that is included, you need to use Html.Raw:

You entered: @Html.Raw(html)
Mike Brind
  • 28,238
  • 6
  • 56
  • 88
  • Thanks Mike - I added the Request.Unvalidated at the top but how do I use the @HTML.Raw(html)? Is it added inside the form tags? – NickP Feb 12 '13 at 22:56
  • You would only use it if you wanted to output HTML - in other words, if you wanted to render whatever the user entered into the textarea. I have updated the answer in an attempt to provide further clarity. – Mike Brind Feb 13 '13 at 08:10
  • Thanks Mike, I cant seem to get the Request.Unvalidate("myTextArea") to work no matter what I do. Made changes to the config file ...validation="false" etc but no luck – NickP Feb 13 '13 at 08:37