Hi Guys,
I'm really hoping you are able to help me with this as I am at a bit of a loss.
I have inherited some code which I have been asked to modify to allow the submission of HTML formatted values. However, each time the method fires it gets so far than throws a "HTTPRequestValidationException" when it tries to retrieve said html formatted text.
This is the action code:
[ValidateInput(false)]
public ActionResult SaveCustomContent()
{
string type = Request["type"];
bool found = false;
Type actualType = null;
object actualObject = null;
foreach (
Type t in
from asm in AppDomain.CurrentDomain.GetAssemblies()
from t in asm.GetTypes()
where t.Name == type
select t)
{
found = true;
actualType = t;
actualObject = Activator.CreateInstance(t);
}
if (found && actualType != null)
{
foreach (PropertyInfo pi in actualType.GetProperties())
{
if (Request[pi.Name] != null)
{
try
{
pi.SetValue(actualObject, Request[pi.Name], null);
}
catch
{
try
{
pi.SetValue(actualObject, Convert.ChangeType(Request[pi.Name], pi.PropertyType), null);
}
catch
{
}
}
}
}
The method does continue to do other things which its why it cuts off abruptly. I have marked the line throwing the exception with //**ERRROR THROWS HERE**// So that it is easy to spot.
As you can see I've marked the the method with the "ValidateInput(false) attribute, in addition the model that is used for the view, which in turn submits data back here has had the appropriate property decorated with the [AllowHtml] attribute.
Any ideas what I am missing or what I should do to overcome this issue?
Bare in mind, I didn't originally write this action, and in my personal opinion it seems like a stupid approach. unfortunately this needs making available asap, and for me to completely re-work it into a more sensible approach isn't realistic at this time.
I hope you can help.
Submit an article or tip