Allow User to Submit HTML or script Data in ASP.NET MVC

Updated on August 23, 2015 Kisan Patel

This tutorial will show you how to mark a form to not validate the input data for any HTML or script data submission in ASP.NET MVC.

To mark an action method that accepts HTML or scripts data as well, we can decorate that with [ValidateInput(false)] attribute.

[HttpPost]
[ValidateInput(false)]
public ActionResult Index(Form form)
{
    var data = form["txt"];
    return Content(data);
}

Notice the above ValidateInput attribute in the action method.

View :

<h2>Index</h2>
@using (Html.BeginForm())
{
    <textarea id="txt" name="txt" rows="10" cols="50"></textarea>
    <input type="submit" value="Submit" />
}

The above form will accepts HTML and other script data too apart from normal data.

If we remove the [ValidateInput(false)] attribute from the above action method and submit the same above form,
it throws error (A potential dangerous Request.Form value was detected).

ASP.NET MVC

« Previous

Allow User to Submit HTML or script Data in ASP.NET MVC

Leave a Reply Cancel reply

ASP.NET MVC: Difference between ViewBag, ViewData & TempData

What is MVC?

How to Create new controller in MVC C#

ASP.NET MVC: Display Name attribute from Resources

Cache the Output of the Action Method in ASP.NET MVC