Razor encodes string by default. Is there any special syntax for rendering without encoding?
7 Answers
As well as the already mentioned @Html.Raw(string) approach, if you output an MvcHtmlString it will not be encoded. This can be useful when adding your own extensions to the HtmlHelper, or when returning a value from your view model that you know may contain html.
For example, if your view model was:
public class SampleViewModel
{
public string SampleString { get; set; }
public MvcHtmlString SampleHtmlString { get; set; }
}
For Core 1.0+ (and MVC 5+) use HtmlString
public class SampleViewModel
{
public string SampleString { get; set; }
public HtmlString SampleHtmlString { get; set; }
}
then
<!-- this will be encoded -->
<div>@Model.SampleString</div>
<!-- this will not be encoded -->
<div>@Html.Raw(Model.SampleString)</div>
<!-- this will not be encoded either -->
<div>@Model.SampleHtmlString</div>
Use @Html.Raw()
with caution as you may cause more trouble with encoding and security. I understand the use case as I had to do this myself, but carefully... Just avoid allowing all text through. For example only preserve/convert specific character sequences and always encode the rest:
@Html.Raw(Html.Encode(myString).Replace("\n", "<br/>"))
Then you have peace of mind that you haven't created a potential security hole and any special/foreign characters are displayed correctly in all browsers.