SyntaxFix

[asp.net-mvc] Writing/outputting HTML strings unescaped

I've got safe/sanitized HTML saved in a DB table.

How can I have this HTML content written out in a Razor view?

It always escapes characters like < and ampersands to &amp;.

This question is related to asp.net-mvc asp.net-mvc-3 razor

The answer is

You can put your string into viewdata in controller like this :

 ViewData["string"] = DBstring;

And then call that viewdata in view like this :

@Html.Raw(ViewData["string"].ToString())

Sometimes it can be tricky to use raw html. Mostly because of XSS vulnerability. If that is a concern, but you still want to use raw html, you can encode the scary parts.

@Html.Raw("(<b>" + Html.Encode("<script>console.log('insert')</script>" + "Hello") + "</b>)")

Results in

(<b>&lt;script&gt;console.log('insert')&lt;/script&gt;Hello</b>)

Apart from using @MvcHtmlString.Create(ViewBag.Stuff) as suggested by Dommer, I suggest you to also use AntiXSS library as suggested phill http://haacked.com/archive/2010/04/06/using-antixss-as-the-default-encoder-for-asp-net.aspx

It encodes almost all the possible XSS attack string.

You can use

@{ WriteLiteral("html string"); }

Supposing your content is inside a string named mystring...

You can use:

@Html.Raw(mystring)

Alternatively you can convert your string to HtmlString or any other type that implements IHtmlString in model or directly inline and use regular @:

@{ var myHtmlString = new HtmlString(mystring);}
@myHtmlString

In ASP.NET MVC 3 You should do something like this:

// Say you have a bit of HTML like this in your controller:
ViewBag.Stuff = "<li>Menu</li>"
//  Then you can do this in your view:
@MvcHtmlString.Create(ViewBag.Stuff)

Complete example for using template functions in RazorEngine (for email generation, for example):

@model SomeModel
@{
    Func<PropertyChangeInfo, object> PropInfo =
        @<tr class="property">
            <td>
                @item.PropertyName                
            </td>
            <td class="value">
                <small class="old">@item.OldValue</small>
                <small class="new">@item.CurrentValue</small>                
            </td>
        </tr>;
}

<body>

@{ WriteLiteral(PropInfo(new PropertyChangeInfo("p1", @Model.Id, 2)).ToString()); }

</body>

Source: Stackoverflow.com

Examples related to asp.net-mvc

Using Lato fonts in my css (@font-face) Better solution without exluding fields from Binding Vue.js get selected option on @change You must add a reference to assembly 'netstandard, Version=2.0.0.0 How to send json data in POST request using C# VS 2017 Metadata file '.dll could not be found The default XML namespace of the project must be the MSBuild XML namespace How to create roles in ASP.NET Core and assign them to users? The model item passed into the dictionary is of type .. but this dictionary requires a model item of type How to use npm with ASP.NET Core

Examples related to asp.net-mvc-3

Better solution without exluding fields from Binding IIs Error: Application Codebehind=“Global.asax.cs” Inherits=“nadeem.MvcApplication” Can we pass model as a parameter in RedirectToAction? return error message with actionResult Why is this error, 'Sequence contains no elements', happening? Failed to load resource: the server responded with a status of 500 (Internal Server Error) in Bind function 500.19 - Internal Server Error - The requested page cannot be accessed because the related configuration data for the page is invalid String MinLength and MaxLength validation don't work (asp.net mvc) How to set the value of a hidden field from a controller in mvc How to set a CheckBox by default Checked in ASP.Net MVC

Examples related to razor

Uncaught SyntaxError: Invalid or unexpected token How to pass a value to razor variable from javascript variable? error CS0103: The name ' ' does not exist in the current context how to set radio button checked in edit mode in MVC razor view @Html.DropDownListFor how to set default value Razor MVC Populating Javascript array with Model Array How to add "required" attribute to mvc razor viewmodel text input editor How to correctly use Html.ActionLink with ASP.NET MVC 4 Areas Multiple radio button groups in MVC 4 Razor How to hide a div element depending on Model value? MVC

Tags

Incompatibletypeerror Code-statistics Nsenumerator Occam-pi Sqldatareader Dynamic-columns Uitabview Google-api Watch Django-nonrel Visual-studio-2003 Massmail Hibernate-criteria Django-1.1 Mtom End-of-life Liskov-substitution-principle Array-filter Jboss-web Radphp Phplist Xmlbeans Separation-of-concerns Header-fields Ehcache Computer-algebra-systems Pdo Head.js Ws-addressing Camera-calibration Sentiment-analysis Justmock Pingdom Html-generation Fink Downloadfileasync Xmi Wcf-callbacks Grails-validation Image-segmentation Intrinsics Setup-kit Platform-agnostic Model-checking Android-tabhost Rest-client Routedevent Heartbeat Multibyte-functions Xbl Spinning Protect-from-forgery Qtextedit Buildconfiguration Facebook-rest-api Gamequery Jedi Bouncedemail Mysql-error-1066 Gstreamer Sqlbrowser Rubinius Seekableiterator Dbgrid Consumer Sqrt Visual-studio-project Imagemagick Bitbucket Rome Virtual-disk Jquery-ui-slider Windowed Naudio System-tables Rangevalidator Propertychangelistener Inherited-resources Rightbarbuttonitem .net-4.0 Existential-type Resx Correlation Generative-art Background-image Sua Memory-access Relational-model Xpc Linguistics Oolua Jquery-highlightfade Svn-hooks Pprint Gnu-coreutils Kde Before-filter Ar-mailer Voxels Createfile