MVC :: HttpRequestValidationException After Using [SkipRequestValidation] Attribute On Model Property?
Nov 12, 2010
I think I might have stumbled onto a bug in ASP.NET MVC 3 RC. When I setup my MVC2 project in a new MVC3 project, copy paste classes, code, change name spaces, etc, etc, I ran into an issue in the following, simplified for explanation purpose, scenario:
Model:
public class WineDetails
{
[SkipRequestValidation]
[Required(ErrorMessage = "Beschrijving verplicht")]
public string Description { get; set; }
}
ViewModel:
public class ViewModelCreateWine
{
public MasterData MasterData { get; set; }
public WineDetails WineDetails { get; set; }
}
ActionMethod:
[AcceptVerbs(HttpVerbs.Post)]
public ActionResult CreateWine(ViewModelCreateWine viewModelCreateWine)
{
GetMasterDataRegions(viewModelCreateWine);
if (Request.Params.ToString().IndexOf("Save") > 0)
{
if (TryValidateModel(viewModelCreateWine.WineDetails))
{
m_wineService.CreateWine(viewModelCreateWine.WineDetails);
return RedirectToAction("index", "Admin");
}
}
return View(viewModelCreateWine);
}
The ActionMethod "CreateWine" needs to call the "CreateWine" method in the WineService so that in the end a new Wine is added to the Database. So far it looks ok. As shown in the above code the [SkipRequestValidation] is set on the "Description" property of the WineDetails model so that the user can add Rich Text to the description and HTML elements are allowed during the Request validation. This works perfectly fine until the Params collection of the Request is accessed in the code to check if the Save button is clicked. When this line of code is trying to execute the following exception is thrown:
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (ViewModelCreateWine.WineDetails.Description="<p>HTML Content with...").
The same exception is thrown when I put the [ValidateInput(false)] attribute on the action method. When I comment out the "if" statement and its content there is no issue and the model validation works just fine and skips the Request Validation on the Description property as expected.
In MVC2 the above code worked fine with the [ValidateInput(false)] attribute on the action method.As I said I'm not sure if this is a bug, it very well might be my own stupidity, but I thought it would be worth to mention here. So any feedback is more than welcome.
View 2 Replies
Similar Messages:
Dec 28, 2010
So, I've got an contact form in my MVC 2 application.
I'd like to programatically email all properties of my "ContactModel".
Here is what I'd like to do in psuedo-ish code:
[Code]....
In case it matters...ContactModel sets up the DisplayName attributes like this:
[DisplayName("First Name")]
public string FirstName {get; set ;}
I'd like to keep this nice and DRY by not repeating the DisplayName names.
Specifically, I'd like to enumerate over each property in my ContactModel, get its DisplayName, and get its submitted value.
View 1 Replies
Mar 15, 2011
I am a newbie in mvc3 and i'm wondering how to use attribute like [Display(Name="")] for model that comes from an entity data model that I provide im my "Model" folder in my mvc3 project.
I didn't provide a .cs class for each of my database tables .
other words, I want the controller class render a edit form for me like :
First Name:--- instead of : fName:---
View 9 Replies
Jun 23, 2010
Is it possible to extend the RequiredAttribute class in a way to have it validate a condition against another property in the model? For example, in my hypothetical code.
[Code]....
The DriversLicenseProperty is to be required in the model if HasLicense is true. Is this possible? Is there an example somewhere?
View 1 Replies
Sep 6, 2010
What is the best way to obtain an attribute such as the DisplayNameAttribute of a model's property using the property's name. I am using the following method currently:
[Code]....
Looking at this long statement, I cannot help wondering if there is a better way to do it.
View 4 Replies
Dec 22, 2010
I want to disallow entering html tags inside specific textFields using custom attribute HtmlRemove, but I don't know how can I acces property/Field value? Model:
[Code]....
My custom Attribute
[Code]....
View 8 Replies
Nov 7, 2010
I am trying to create a minimum length validation attribute which will force users to enter the specified minimum amount of characters into a textbox
public sealed class MinimumLengthAttribute : ValidationAttribute
{
public int MinLength { get; set; }
public MinimumLengthAttribute(int minLength)
{
MinLength = minLength;
}
public override bool IsValid(object value)
{
if (value == null)
{
return true;
}
string valueAsString = value as string;
return (valueAsString != null && valueAsString.Length >= MinLength);
}
}
In the constructor of the MinimumLengthAttribute I would like to set the error message as follows:
ErrorMessage = "{0} must be atleast {1} characters long"
How can I get the property's display name so that I can populate the {0} placeholder?
View 1 Replies
Feb 17, 2010
here's my situation - I've created some ActionFilterAttributes that I want to apply to a custom Controller class that my other controllers can inherit from. The problem is, I need to set a property on the attribute from the final inheriting controller. So I have something like this :
[Code]....
[Code]....
View 2 Replies
Jan 17, 2010
I'm building a custom web control with a public property which I only want to be available in design time (i.e. make it unavailable in code behind). The DesignOnly attribute promises to do just that, but when I set [DesignOnly(true)] it has no noticeable effect whatsoever:
[Bindable(true)]
[Category("Appearance")]
[DefaultValue(null)]
[Localizable(false)]
[DesignOnly(true)]
public string MyProp
{
get
{
return ViewState["MyProp"] as string;
}
set
{
ViewState["MyProp"] = value;
}
}
The property still appears in code behind IntelliSense. Setting a value to it in code behind works. In these respects, the behavior is just as if the attribute had never been set. And I've cleaned and rebuilt the complete solution. Twice.
View 1 Replies
Mar 19, 2013
I am using repeater control and in that i am having div in item template. Now I am setting its id using eval. I want to access this div in item databound for that i am making it runat=server. But in doing so I am getting :
"The ID property of a control can only be set using the ID attribute in the tag and a simple value."
<div id="<%# Eval("RENTER_ID") %>" style="display:none"></div>
How to achieve this functionality. One more thing i am using master page and repeater is in content page.
View 1 Replies
Jan 25, 2011
Is there a way to retrieve the client side ID for a model property similar to how the helpers like LabelFor etc generate the ID? For example, I have a model with a DateOfBirth property. I want to hook up that field to a jQuery DatePicker. Normally, I would hook up the date picker like this:
[Code]....
This works fine but hard codes the DateOfBirth property name. Ideally, I would like to use this:
[Code]....
Is this already available out of the box somewhere? I just created an extension method on the HtmlHelper class that does exactly this, but I wondered if there was already something built-in so I don't have to reinvent and test the wheel.
View 10 Replies
Nov 8, 2010
So I have code as below
public ActionResult Create(AccountClassificationCreateViewModel ACCVM)
{
if (ACCVM.newMtn0130 == null)//Why ACCVM.newMtn0130 is null after [code]...
I wonder why the ACCVM.newMtn0130 become null after RedirectToAction? I already assign with "_ACCVM.newMtn0130 = newMtn0130".
ACCVM._Error didn't become null after RedirectToAction.
View 5 Replies
May 18, 2010
I found little bug feature in MVC 2.
So, if we have in route defined parameter with same name as property at model and then we call it from strongly typed HTML helper (for example Html.TexBoxFor(x => x.PropertyName)), we get value from route parameter instead of property of model.
For example.
We have defined follow route:
[Code]....
Very simple model:
[Code]....
Next action in controller:
[Code]....
And very simple view:
[Code]....
Result you can see at follow picture:
I think what this dirty example described the essence of the problem. Let me know if I'm wrong.
View 1 Replies
May 4, 2010
as the behaviour of the UpdateModel<T> changed in MVC 2 (RTM)? Since then I have the following problem when UpdateModel is called:UpdateModel<T1>(record, properties);record is typeof(Jumbo.Juist.Models.Bezorging) and properties is a string[] containing "Winkelnummer" and "OudRoutenummer".This now fails, because a get-property is being accessed: BerekendeAankomstTijd. In the past, it didn't fail. IMHO, this validation should be skipped, because it's only a getter (and thus/also not included in the string[] of properties to update)
View 14 Replies
Aug 26, 2010
How can I show display property of Model on View.
public class Model
{
[Required]
[DataType(DataType.Text)]
[DisplayName("First Name")]
[code]...
View 6 Replies
Jan 11, 2011
I have a viewmodel with a property of a model class type. I set some properties in the model class to be able to show it to the user but then when I make a post, the model gets validated. How to overcome this? I don't want to enforce the DataAnnotations contraint in this case....
public class TheViewModel
{
TheModel TheModel { get; set;}
}
[code]...
View 1 Replies
Sep 18, 2010
Action:
[Code]....
View:
[Code]....
But error raised "object does not have property Name". Why?
View 4 Replies
Sep 10, 2010
I would like to exclude one of model's property from the Html.EditorFor. I tried [HiddenInput(DisplayValue=false)] but it renders the property as an hidden input. This could potentially be a security problem. How can we completely exclude a field from Html.EditorFor?
View 5 Replies
Oct 11, 2010
I got 3 radion-buttons on the view called:
- Taxi
- Train
- Bus
The model passed has a property called "Transport" of type String. In the action, if I set the property as 'Train', then the view should set the radio-button 'Train' checked. ie.
Action:
model.Transport = "Train";
How do I do that in the view to make the radio-button Train checked?
View 2 Replies
Jan 12, 2011
public class BandProfileModel
{
public BandModel Band { get; set; }
public IEnumerable<Relationship> Requests { get; set; }
}
and the following form:
<% using (Html.BeginForm()) { %>
<%: Html.EditorFor(m => m.Band) %>
<input type="submit" value="Save Band" />
<% } %>
which posts to the following action:
public ActionResult EditPost(BandProfileModel m, string band)
{
// stuff is done here, but m is null?
return View(m);
}
Basically, I only have one property on my model that is used in the form. The other property in BandProfleModel is just used in the UI for other data. I'm trying to update just the Band property, but for each post, the argument "m" is always null (specifically, the .Band property is null). It's posting just fine to the action, so it isn't a problem with my route. Just the data is null.
The ID and name attributes of the fields are BAND_whatever and Band.whatever (whatever being a property of Band), so it seems like it would work. What am I doing wrong? How can I use just one property as part of a form, post back, and have values populated via the model binder for my BandProfileModel property in the action?
View 2 Replies
Dec 6, 2010
I want to assign a stylesheet-class to a <div> element. The cssclass I want to use depends on the property 'Level' which is defined in de ViewModel.
I want to have something like this:
<div class="dashboardlevel" + <%= Model.Level %>>
But this doen't work.
View 2 Replies
Nov 23, 2010
How I can bind in my ActionResult IEnumerable property in Model.
Objects:
public class Project
{
public int ProjectID {get;set;}
public IEnumerable<Category> Categories {get;set;}
}
[Code]....
View 15 Replies
Feb 20, 2011
I am trying to populate a drop down list from my controller for a create action. I can display the dropdown as I want but when I cannot get the value to be stored in the database. My models:
[Code]....
Controller: [Code]....
View: [Code]....
This above snippet will show me the message "The value '50117dae-a7d7-4371-926f-7b1f7aaec133' is invalid."
if I change the line to @Html.DropDownListFor(ct => ct.CollectionType.CollectionTypeId, new SelectList(ViewBag.CollectionTypes as System.Collections.IEnumerable, "CollectionTypeId", "Title"))
@Html.ValidationMessageFor(model => model.CollectionType)
the page will not do anything - I believe this could be because the controller is trying to add a new CollectionType.
View 2 Replies
Apr 17, 2010
but I am new with MVC and database-driven applications.
I hava a table with Cities (ID,Name) and one with Businesses(ID,CityID,Name). The later has a foreign key relationship with the first table.
I used a linq-to-SQL class to create my models.
My problem is that I need to access the City Name(not the ID) when displaying the Business Model View.
How can I do this? if from my controller I call the View passing the auto-generated Business Model, I only have access to the ID.
View 2 Replies
Aug 19, 2010
I have a User Control (ascx) and a property which a want to display in my categories tab in Visual Studio in the category named "Styles".
[Code]....
And here is the problem: Actually I do not need a get, because I only have to set the property (write only property). But when I omit the get, the property is displayed in the "Misc" category in the categories tab in Visual Studio. Only when I code the get as well, then the property is displayed correctly in the "Styles" category in the categories tab in Visual Studio.
Does anybody know why? How can I display the category correctly only with set?
View 2 Replies
