为输入编码HTML
我已经为客户创建了一个表单,用于从站点请求信息。然后表单使用Webmail.Send向我发送电子邮件。如果用户试图输入部分或全部html开始标记,站点将抛出错误,即“如果允许用户在表单提交中发布html,则必须使用为输入编码HTML,html,forms,razor,webmatrix,Html,Forms,Razor,Webmatrix,我已经为客户创建了一个表单,用于从站点请求信息。然后表单使用Webmail.Send向我发送电子邮件。如果用户试图输入部分或全部html开始标记,站点将抛出错误,即“如果允许用户在表单提交中发布html,则必须使用Request.Unvalidated()引用表单字段值,以防止ASP.NET请求验证生效(这将导致您报告的错误消息): 您会遇到什么错误?这是错误的第一部分:[HttpRequestValidationException(0x80004005):一个潜在的危险请求。从客户端检测到表单
Request.Unvalidated()
引用表单字段值,以防止ASP.NET请求验证生效(这将导致您报告的错误消息):
您会遇到什么错误?这是错误的第一部分:[HttpRequestValidationException(0x80004005):一个潜在的危险请求。从客户端检测到表单值(firstName=”变量“firstName”时发生错误”正在声明并设置为表单中的值。谢谢Mike,成功了!我向其中添加了使任何HTML或HTML“类似”字符通过。var firstName=HTML.Encode(Request.Unvalidated(“firstName”))
var customerEmail = Request["customerEmail"];
var firstName = Request["firstName"];
var lastName = Request["lastName"];
var phoneNumber = Request["phoneNumber"];
var customerRequest = Request["customerRequest"];
var rAddress = Request["rAddress"];
var rCity = Request["rCity"];
var rState = Request["rState"];
var rZip = Request["rZip"];
try
{
WebMail.Send(to:"request@yourdomain.com", subject: "Request from " + customerEmail, body:
"Request:<br>_____________________________________<br><br>" +
customerRequest + "<br><br>Contact Info:<br>_____________________________________<br><br>" + Html.Encode(firstName) + " " + lastName + "<br>" + rAddress +
"<br>" + rCity + " " + rState + " " + rZip + "<br>" + phoneNumber + "<br>" + customerEmail, replyTo: customerEmail);
}
catch (Exception ex )
{
<text>@ex</text>
}
var firstName = Request.Unvalidated("firstName");
var lastName = Request.Unvalidated("lastName");