Handle Potentailly dangerous request-MVC-ASP.NET
How do I handle potentially dangerous request in MVc?
I am using the follow开发者_运维百科ing in the global.asax to handle the error, but its not catching those errors.
Its catching other error types.`
else if (httpException is HttpRequestValidationException)
{
routeData.Values.Add("action", "General");
}`
any one done this in MVc?
In mvc, in general HandleErrorAttribute Class is used to handle exceptions and return specific view based on exception type
[HandleError(ExceptionType = typeof(HttpRequestValidationException), View = "RequestIsNotValid")]
public class SomeController : Controller {}
This will redirect to RequestIsNotValid view, when customErrors mode in web.config is 'on' or 'remote'. Of course, during 'remote', it will be shown only to remote users. If you want to test it during development, set customErrors mode= 'on'
I assume you want to allow HTML for certain properties? That will stop the error from being thrown.
In MVC 3, the AllowHtml attribute does the job.
http://davidhayden.com/blog/dave/archive/2011/01/16/AllowHtmlAttributeASPNETMVC3.aspx
精彩评论