开发者

ASP.NET MVC HTML Escape

I display some content in my view using this: <%= Html.Encode(Model.synopsis) %>

The content synopsis has the HTML characters escaped so for example some content stored in the database like this would look like:

&lt;p&gt;Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor
incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud
exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure
dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.
Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit
anim id est laborum.&lt;/p&gt;

How would I change my code to show it as HTML? So the escaped HTML becomes HTML o开发者_如何学JAVAn the front end.

Thanks.


Don't use Html.Encode. Just do

<%= Model.synopsis %>

Html.Encode encodes any special html characters and escapes them. You may want to be careful and make sure you're not opening yourself up for XSS by allowing users to enter any markup that will be executed by the browser.

Also for the times you want to encode your output, you can just use the <%: tag

<%: Model.synopsis %>

is equivalent to

<%= Html.Encode(Model.synopsis) %>


Does <%= Html.HtmlDecode(Model.synopsis) %> do the trick in your case?

Here is the reference to the actual function in MSDN - http://msdn.microsoft.com/en-us/library/hwzhtkke.aspx

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜