I have a model something like this.
public class Feedback
{
public string FeedbackType { get; set; }
[AntiXss]
public string FeedbackMessage { get; set; }
}
For example, When I post the below message from FE using a 'TextArea' field
Hello (This is in first line)
This is awesome(This is in second line)
When this value gets bound to the model, it is like
'Hello\nThis is awesome'
As a result AntiXss attribute does not pass the validation (because of \n).
What I want to achieve =>
- Remove the data annotation from model
- Encode \n to something else in the controller
- Manually call the AntiXss annotation in the controller so that the value gets validated against cross side scripting other than '\n'.
Something like this.
ValidateMessage(feedbackMessage, AntiXssAttribute)
So basically I need a code which can accept the name of the attribute and the value to be validated, then finally returns me if the value is correct.
I have already tried the below code to avoid the workaround but it does not work.
[AntiXss(allowedStrings:"\n")]
