I'm making the Grid/Inline editing list using Kendo UI MVC referring this: https://demos.telerik.com/aspnet-mvc/grid/editing-inline
I was trying to create and update text with HTML tag, for example, <br>, <h> with some other texts.
But whenever I put HTML tags such as those and even like '<b', '<h', it wasn't created or updated.
They're not updated and created like this image below:
2 Answers, 1 is accepted
Hello Hyewon,
This behavior is a validation feature enabled in ASP.NET MVC by default. HTML input for certain Actions or ViewModel properties could be allowed by:
- Setting [AllowHtml] attribute on a ViewModel property allows HTML input for this property only. This is the recommended way to enable HTML input:
[Required]
[DisplayName("Product name")]
[AllowHtml]
[Remote("IsProductName_Available", "Validation")]
public string ProductName
{
get;
set;
}- Setting [ValidateInput(false)] attribute on an Action will disable the validation on the whole Action:
[AcceptVerbs(HttpVerbs.Post)]
[ValidateInput(false)]
public ActionResult EditingInline_Update([DataSourceRequest] DataSourceRequest request, ProductViewModel product)
{
if (product != null && ModelState.IsValid)
{
productService.Update(product);
}
return Json(new[]{product}.ToDataSourceResult(request,ModelState));
}Further read can be found at the following link: https://www.codeproject.com/Articles/995931/Preventing-XSS-Attacks-in-ASP-NET-MVC-using-Valida
If there is anything else, we could help with, please contact us back.
Regards,
Nikolay
Progress Telerik
Rank 1