MVC3 TextArea issue with HTML rendering

2
votes

I have a C# MVC3 .Net Web App. I have several TextArea controls. They contain HTML strings populated from our DB. Some of the TextArea controls are CkEditor and they work fine. They have a property called 'htmlEncodeOutput'. This avoids ASP.NET security issues. The standard TextAreas are barfing when I navigate to a new page. I believe it is due to the embedded HTML. Is there a property for TextAreas that I can set to encode the embedded HTML?

Here's the error that is being thrown:

A potentially dangerous Request.Form value was detected from the client (item.SowDescription="...; it sodas<br />
<strong><em>...").
1
htmlasp.net-mvc-3renderencode
Need more explanation to understand what's the exact issue? - Kundan Singh Chouhan
It might help if you include the actual exception you're getting. - Erik Funkenbusch
It would help. It's throwing an exception "Not in a UnitoFWork". But that's not the issue. I think that's getting thrown as a side effect. - MikeTWebb

1 Answers

0
votes

I figured it out. In the text area I use HttpUtility.HtmlDecode for the property being rendered. Example below:

<textarea rows="3" cols="33" class="readonly"
            readonly="readonly" 
            id = "@Id">
    @HttpUtility.HtmlDecode(item.Description)
</textarea>