Environment: Visual Studio 2012, MVC4, Razor, Internet Application.
I have code with a search form in the “View” page…
@using (Html.BeginForm("SearchResult", "Home", FormMethod.Get))
{
    @Html.ValidationSummary(false)
    <fieldset>
        <legend>Contact Search</legend>
        <div class="editor-label">
            @Html.LabelFor(model => model.Name)
        </div>
        <div class="editor-field">
            @Html.EditorFor(model => model.Name)
            @Html.ValidationMessageFor(model => model.Name)
        </div>
        <p>
            <input name="SearchButton" type="submit" value="Search" />
        </p>
    </fieldset>
}
And then I’m sending the “model.Name” string directly to the JavaScript code using “@Model.Name”.
The problem is… when I type a quote (“) symbol in the search form… for example… (10” android), I have a problem. JavaScript stops working somewhere. How can I check inside the controller whether this “model.Name” string contains (“) or not, and change it for JavaScript?
My JavaScript code… url += "&keywords=@Model.Name";
If “model.Name” is… 10″ android …will it work correctly?
For JavaScript, I would encode with “escape”, but it is best practice to replace the ” (double) quotes with the XML representation &quot;.
As for server-side, I use Web Protection Library from Microsoft to handle that part,
http://wpl.codeplex.com/
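The failure described in the question, and a rendering that survives it, as an added example that is not part of the original thread. The function names and the `/search?x=1` base URL are assumptions; the template step that the server would perform is emulated here in JavaScript so the generated script text can be parsed and run.

```javascript
// Server-side step, emulated in JavaScript: turn an arbitrary string into a
// literal that is safe inside an inline <script> block. JSON.stringify escapes
// quotes and backslashes; the replace also hides characters that could close
// the script element or act as line terminators in older engines.
function toJsStringLiteral(value) {
  return JSON.stringify(String(value)).replace(/[<>&\u2028\u2029]/g, function (c) {
    return '\\u' + ('0000' + c.charCodeAt(0).toString(16)).slice(-4);
  });
}

// What the page in the question emits: the raw value lands between the quotes.
function renderNaive(name) {
  return 'var url = "/search?x=1"; url += "&keywords=' + name + '"; return url;';
}

// Corrected rendering: emit a complete JS literal, then URL-encode at run time
// so the value is also safe as a query-string component.
function renderEncoded(name) {
  return 'var url = "/search?x=1"; url += "&keywords=" + encodeURIComponent(' +
    toJsStringLiteral(name) + '); return url;';
}

// Parse and run generated script text as a browser would; report syntax errors.
function runScript(source) {
  try {
    return { ok: true, url: new Function(source)() };
  } catch (e) {
    return { ok: false, error: e.name };
  }
}

// Constructed sample input: the search term from the question.
var term = '10" android';
console.log(runScript(renderNaive(term)));
console.log(runScript(renderEncoded(term)));
```

In an MVC view the literal would be produced by a server-side encoder such as `HttpUtility.JavaScriptStringEncode`; two encodings are needed because the value passes through two contexts, a JavaScript string and then a URL query parameter.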