As ScottGu says in his blog post «by default content emitted using a @ block is automatically HTML encoded to better protect against XSS attack scenarios». My question is: how can you output a non-HTML-encoded string?
For the sake of simplicity, pls stick to this simple case:
@{
var html = "<a href='#'>Click me</a>"
// I want to emit the previous string as pure HTML code...
}
HtmlHelperExtensions in MVC2 return a HTML string, unencoded.
In MVC3 this string is encoded! How can I return unencoded HTML to a Razor view in MVC3?
I am currently writing a small templating system in ASP.NET to allow users to add content. For example, the user can enter the string (variable type is string).
topHeader[x] = "They think it's all over. It is now!";
However, one change that's needed is the ability to add some basic HTML tags within this content, so the following can be done
topHeader[x] = "They think it's all over. <strong>It is now!</strong>" or
topHeader[x] = "They think it's all over. <a title="Football News" href="URL">It is now!</a>";
If you add such things into strings now they are not formatted as HTML, but I want to somehow escape them so that they can be. Naturally I've looked on the Internet for the answer, but as Razor is fairly new there's not much out there to help me out.
I have looked all over for elegant solutions to this not so age-old question. How can I lock down form elements within an ASP.Net MVC View, without adding if...then logic all over the place? Ideally the BaseController, either from OnAuthorization, or OnResultExecultion, would check the rendering form elements and hide/not render them based on role and scope. Another approach I have considered is writing some sort of custom attributes, so as to stay consistent with how how we lock down ActionResults with [Authorize]. Is this even possible without passing a list of hidden objects to the view and putting if's all over? Other background info: We will have a database that will tell us at execution time (based on user role/scope) what elements will be hidden. We are using MVC3 with Razor Viewengine. We're utilizing a BaseController where any of the Controller methods can be overridden.
View 1 RepliesI am trying to use a partial view for a file upload in a Create View.
Here is my partial view, I removed the submit button, as the view it is rendered in, should activat the form post:
@model dynamic
If I look at the Razor View Engine, then I see a very nice and concise syntax that is not particularly tied to generating html. So I wonder, how easy would it be to use the engine outside asp.net in a "normal" .net environment for example to generate text, code,...
View 3 RepliesI want to change my project to use razor syntax. How do I translate a view to razor syntax?
also, when I add a new view, I don't see an option for the view engine to use. Is there one?
I have a Razor view of type Joke. Here is the relationship between the Entity Joke and the Entity Rating:
I have done eager loading in my HomeController to get the Ratings from the Database. But I seem to be unable to get a count of the ratings that belong to a particular joke. Here is the error I get:
PS. You can ignore that <img> code to the right.
I have an application which has been built in MVC 2.0. I need to upgrade it to MVC 3.0 and that too by using Razor CSHTML engine. All the information which I got on the net was for MVC 3.0 Webform engine but nothing much for migrating to Razor.
View 37 RepliesI can't seem to figure out how to set a breakpoint in a Razor view. I understand why that might seem a little weird and may be difficult since a cshtml file is a combination of html and then c# code, but I can step into it. The ability to step into it makes it seem like I should be able to set a breakpoint. Am I missing how to do this or is this not possible in the RC? If not any plans to add this before RTM or in the future?
View 3 RepliesHow can I render a razor view in a Unit Test?When I change for instance a html helper method, I sometimes forget to update all the views which uses that html method. So the view I forgot generates a YSOD.I would like to create unit tests that renders a view and fails if I forgot to make the neccecary updates.
View 2 RepliesIs it possible to write unit tests against razor view in MVC 3? If yes, can anyone point me to code sample to unit test a razor view in MVC 3?
View 2 RepliesI have this C# code in a Razor view:
@(Html.CheckBoxFor<RazorSamplesWeb.Models.SamplesModel>(i => i.IsActive))
I tried translating it to this:
@Code Html.CheckBoxFor(Of RazorSamplesWeb.Models.SamplesModel)(Function(i) i.IsActive)End Code
But it's complaining. Why, and what is the right statement?
In my controller method, I'm trying to create an instance of a View (cshtml file) before I wrap it around an ActionResult and return it.Since there is no "class" for Razor Views to speak off, how does one go about creating an instance of a Razor View?
View 25 RepliesWhat is the best way to add javascript at runtime from a view (or partialview)? For example i would like to build a partial view Banner.cshtml that use Banner.Js. Actually i am using a section into layout page but obviusly if i use 3 times the same partial view i have 3 reference to external Js. Is there a "best practice" to include Js from "child" elemnts like partial view in this case?
View 3 Repliesis there a way to execute a razor view dynamically? if i have the view code as a string can i execute it and pass it a model as a parameter for example?
View 1 RepliesI tried searching a bit and didn't find an answer. Does the Razor View Engine work in Mono?
View 3 RepliesHow to integrate Razor view engine into mvc 2 web application?
View 3 RepliesI'm working trying to realize a requirement where the pages should be 'configurable' at runtime (per client), stored in a database - a requirement that I have no say in Anyway, the current plan is to use the Razor view engine and 'load' the 'pages' dynamically. I have a basic sample working using a VirtualPathProvider and VirtualFile that serves up Raz'pages' on the fly.The question I have if there is a better approach when I have the Razor 'pages' stored in a dB (or any other repository)?
There seems to be some constraints and concerns when I check other postings. For example:'If a Web site is precompiled for deployment, content provided by a VirtualPathProvider instance is not compiled, and noVirtualPathProvider instances are used by the precompiled site.'
(from http://msdn.microsoft.com/en-us/library/system.web.hosting.virtualpathprovider.aspx )
I am working on a MVC project with Razor view engine and I have the following:
[Code]....
This only works if I have on the same view the following:
[Code]....
So if "SquishIt.Framework" namespace is added on Web.Config why do I need to have the @using on the view?
How to show Razor View in J Query Light box give me a full example.
View 10 RepliesI want to modify the way the Views are organised in my project to allow for a custom way of handling Globalization
I want to have an extra route param containing the country code and to pass this down to the view engine so that the correct view is displayed.
My mapRoute rule in Global.asax is set up like this...
[Code]....
So I want to just have 1 controller called main and then have my view folders organised like this..../Views/Main/en/Index.cshtml/Views/Main/fr/Index.cshtml I have tried creating a custom view engine but i don't know how to access the countrycode route value because none of the examples show how to do this.
Here is my attempt at a custom Razor View Engine
[Code]....
How to import a namespace in Razor View Page?
View 3 RepliesI have this C# code in a Razor view:
@(Html.CheckBoxFor<RazorSamplesWeb.Models.SamplesModel>(i => i.IsActive))
I tried translating it to this:
@Code Html.CheckBoxFor(Of RazorSamplesWeb.Models.SamplesModel)(Function(i) i.IsActive)End Code
But it's complaining. Why, and what is the right statement?
I'm trying to have all my views inherit from a custom class so that I can add certain behaviour and values to all pages, but I'm having some issues. I tried subclassing System.Web.Mvc.WebViewPage but I'm forced to implement an Execute procedure that I don't know what it should do. Also, if I try to access the Context variable, I get a null reference (really weird). This leads me to think that I may have the wrong base class.
View 1 Replies