I am getting this error in my ASP.NET MVC application where I am taking HTML input from a WYSIWYG so I don't want the content validated.
I have attempted the solution I found here but it seems to make no difference in my MVC application. I have also tried doing it in the web.config but again - no joy.
Is this a bug in ASP.NET MVC or something?
On
In your controller action method, (the one which is bringing this) add [ValidateInput(false)]
Example
[HttpPost]
[ValidateInput(false)]
public ActionResult Insert(FormCollection formCollection, Models.Page page)
{
//your code
return View();
}
Just place this attribute: [ValidateInput(false)] on the action method on the controller that handles the form post.
On
In MVC 3 and later, you can also use the [AllowHtml] attribute. This attribute allows you to be more granular by skipping validation for only one property on your model.
https://learn.microsoft.com/en-us/dotnet/api/system.web.mvc.allowhtmlattribute?view=aspnet-mvc-5.2
In MVC you would use the ValidateInput(false) attribute.
You then need to sanitize your inputs, e.g. with something like this (built in to ASP.NET 4.5+; use NuGet package for earlier).