I use tinyMCE to allow users to stylize text in text areas. I have

Question

0

Asked: June 18, 20262026-06-18T06:32:31+00:00 2026-06-18T06:32:31+00:00

I use tinyMCE to allow users to stylize text in text areas. I have

0

I use tinyMCE to allow users to stylize text in text areas.
I have a property

[AllowHtml] Description {get;set;}

And everything works fine. But if use write something like this:

<div>not closed tag

This break my whole page. How to prevent this situation?
I use this to display text:

@Html.Raw(Model.Description)

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-18T06:32:32+00:00

AllowHtml is only going to permit certain special characters to be posted. This will not validate your markup.

If a property is marked with the AllowHtmlAttribute attribute, the ASP.NET MVC framework skips validation for that property during model binding

It can be a security issue loading user generated markup onto the page. Your validator would want to strip out certain tags like script. Many sites use an iframe to show user generated markup content to avoid this issue.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I use tinyMCE to allow users to stylize text in text areas. I have

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply