我有一个模型需要捕获html。我已将[AllowHtml]属性添加到model属性,并且在调试时它在我的本地服务器上正常工作。
一旦部署到生产中,它在生产服务器上执行时正常工作(即我远程登录到服务器并在那里浏览),但是当从任何其他服务器执行时,通常会出现“潜在危险的等等等等”消息机。
所以在我看来,与验证所涉及的位置有关,或者我完全错过了这条船。
为了确认,我没有对web.config进行任何“特殊”更改。
请有人解释我遇到此问题的原因。
模型
[AllowHtml]
[Display(Name = "Overview")]
public string Overview { get; set; }
控制器
//
// POST: /Product/
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult EditFeature(BackOffice.Models.ProductFeature model)
{
if (ModelState.IsValid)
{
//insert the new product
}
//invalid model, return with errors
return View(model);
}
查看
@model BackOffice.Models.ProductFeature
@using (Html.BeginForm("AddFeature", "Product", null, FormMethod.Post, new { role = "form", @class = "form-horizontal" }))
{
@Html.AntiForgeryToken()
@Html.ValidationSummary(true)
@Html.Hidden("ProductID", @Model.ProductID)
<div class="modal fade" id="FeatureModal" tabindex="-1" role="dialog" aria-labelledby="FeatureModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h4 class="modal-title">Add a Feature</h4>
</div>
<div class="modal-body">
<div class='form-group'>
<label class='col-lg-2 control-label'>Title</label>
<div class="col-lg-10">
@Html.TextBoxFor(m => m.Title, new { @class = "form-control" })
@Html.ValidationMessageFor(m => m.Title)
</div>
</div>
<div class='form-group'>
<label class='col-lg-2 control-label'>Overview</label>
<div class="col-lg-10">
@Html.TextAreaFor(m => m.Description, 10, 40, new { @class = "ckeditor", id = "overview" })
</div>
</div>
</div>
<div class='clearfix'></div>
<div class="modal-footer">
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
<button type="submit" class="btn btn-primary">Add</button>
</div>
</div>
<!-- /.modal-content -->
</div>
<!-- /.modal-dialog -->
</div>
<!-- /.modal -->
}
答案 0 :(得分:0)
此处的方法名称存在不匹配。
@using (Html.BeginForm("AddFeature", "Product", null, FormMethod.Post, new { role = "form", @class = "form-horizontal" }))
{
}
但你的行动方法叫做
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult EditFeature(BackOffice.Models.ProductFeature model)
{
}
AddFeature 操作方法在哪里?