Is there a way to use TextBoxFor helper with encoded text?
for example: When using the following helper of MVC3 With Razor view engine :
@Html.TextBoxFor(model => model.Description)
and the value of model.Description is encoded, for example:
<script>alert();'</script>
the result is text box with the the encoded string, when the wanted result is text box with the decoded string:
<script>alert();'</script>
Is there a way to use the MVC TextBoxFor with encoded string instead of using
@Html.TextBox("Description", Server.HtmlDecode(Model.Description))
?
You have to html-decode your string.
Use the System.Web.HttpUtility.HtmlDecode
for that.
System.Web.HttpUtility.HtmlDecode("<script>alert();'</script>")
will result in
<script>alert();'</script>
TextBoxFor does not support that so, you have 2 options
1. Decode before display
@{
Model.Description = System.Web.HttpUtility.HtmlDecode(Model.Description);
}
@Html.TextBoxFor(model => model.Description)
2. Use @Html.TextBox for this
@Html.TextBox("Description", System.Web.HttpUtility.HtmlDecode(Model.Description))
hope this helps