Home/ Questions/Q 7030151
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-28T00:37:55+00:00

I started to learn MVC and in conjunction want to use the KnockOut.js I

  • 0

I started to learn MVC and in conjunction want to use the KnockOut.js

I am having trouble understanding why the new @ include tag encodes everything to HTML(edit: ok i know now to prevent XSS).. but even worse how to stop it from doing that..

I have this code.

@{
    ViewBag.Title = "Home Page";
    var myData = new System.Web.Script.Serialization.JavaScriptSerializer().Serialize(Model);
}

<script type="text/javascript">
    var initialData =  @myData ;

Which produces this source

<script type="text/javascript">

var initialData =  [{&quot;Title&quot;:&quot;Tall Hat&quot;,&quot;Price&quot;:49.95},{&quot;Title&quot;:&quot;Long Cloak&quot;,&quot;Price&quot;:78.25}] ;

Ok. so tried using HttpUtility.HtmlDecode.. and nothing happens on the included bit in the javascript because the razor engine is reencoding it? but if it use the encode then reecnodes the encodes html.. briallinat.

I cannot work out how to stop the encoding.

The msdn says use @: but that does not work in the javascript block, i even tried
@{ @:new System.Web.Script.Serialization.JavaScriptSerializer().Serialize(Model);}

That just something wierd and causes other errors.

How should this be done in the MVC model?

In aspx using

var initialData = <%= new JavaScriptSerializer().Serialize(Model) %>;

works fine..

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Html.Raw(string) will write out your string in its raw, unencoded form. Provided your string is not encoded to begin with.

    code example as requested (?!?!)

    @{
    ViewBag.Title = "Home Page";
    var myData = new System.Web.Script.Serialization.JavaScriptSerializer().Serialize(Model);
}

<script type="text/javascript">
    var initialData =  @Html.Raw(myData) ;
    • 0