asp.net - Emitting unencoded strings in a Razor view

Question

Welcome To Ask or Share your Answers For Others

asp.net - Emitting unencoded strings in a Razor view

posted Oct 24, 2021 in Technique[技术] by 深蓝 (71.8m points)

asp.net - Emitting unencoded strings in a Razor view

As ScottGu says in his blog post ?by default content emitted using a @ block is automatically HTML encoded to better protect against XSS attack scenarios?. My question is: how can you output a non-HTML-encoded string?

For the sake of simplicity, pls stick to this simple case:

@{
 var html = "<a href='#'>Click me</a>"
 // I want to emit the previous string as pure HTML code...
}

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-23T17:46:38+0000

This is my favorite approach:

@Html.Raw("<p>my paragraph text</p>")

Source was Phil Haack's Razor syntax reference: http://haacked.com/archive/2011/01/06/razor-syntax-quick-reference.aspx

Categories

asp.net - Emitting unencoded strings in a Razor view

asp.net - Emitting unencoded strings in a Razor view

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags