Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am using TinyMce on a custom module.
on Save I get the potentially dangerous Request.Form Error.
I know why and what it means, but don’t know, what the recommended solution is.
I already found
<httpRuntime requestValidationMode="2.0"/>
in web.config of my Orchard-root
Is this safe to use
[ValidateInput(false)]
public class AdminController : Controller {
on top of my Controller?
How is this solved on other Orchard Modules that use TinyMce, like Blog-Types?
Thnx
Reinhard
Look at the AdminController in Orchard’s core module. Full type is Orchard.Core.Contents.Controllers.AdminController.
It has the attribute that you mentioned…
So, as long as you’re careful about what you accept and what you do with it, you can be safe to go that route.
I should mention though, that it’s rare to need a new controller in Orchard. It also sounds like you should just use the BodyPart for what you’re building. BodyPart can use many flavors.. plain text, html, markdown, and anything you would like to implement yourself.