Is HTML.raw() specific to MVC? On what scenarios we have to use it?
Can you please explain with an example.
Asked
Active
Viewed 5.0k times
14
Oliver Spryn
- 16,871
- 33
- 101
- 195
KeenUser
- 5,305
- 14
- 41
- 62
-
1Check it out: http://www.arrangeactassert.com/using-html-raw-in-asp-net-mvc-razor-views/ – Yair Nevet Oct 13 '11 at 08:09
4 Answers
24
Text output will generally be HTML encoded. Using Html.Raw allows you to output text containing html elements to the client, and have them still be rendered as such. Should be used with caution, as it exposes you to cross site scripting vulnerabilities.
Paddy
- 33,309
- 15
- 79
- 114
-
"Used with caution", meaning trust the HTML doesn't do anything to the page that you don't want done or [sanitize](https://www.google.com/search?q=sanitize+html+.net) it to your standards before passing it to Html.Raw. – Tom Blodget Jun 30 '18 at 01:51
9
HtmlHelper.Raw MSDN
Wraps HTML markup in an HtmlString instance so that it is interpreted as HTML markup.
Neil Knight
- 47,437
- 25
- 129
- 188
8
Html.Raw
- Wraps HTML markup in an HtmlString instance so that it is interpreted as HTML markup.
For Example :
Controller
public actionresult Htmlraw()
{
viewbag.message = "Hey friends lets go" + "<br />" + "for chillout";
return view();
}
index view
@Html.Raw(ViewBag.message);
output
hey friends lets go
for chillout
Alex Podworny
- 1,018
- 1
- 14
- 25
saurav singh
- 438
- 6
- 16
1
Yes, it is specific to MVC.
It writes unencoded HTML to your page. Most other methods HTML-encode a string when you write it to the page.
Stefan Steiger
- 78,642
- 66
- 377
- 442