My Column in the DB are: nvarchar(MAX)
I need to add HTML code into my Database: from CKEditor. I get the following Error.
A potentially dangerous Request.Form value was detected from the client (Description="<h1>Heding 1 </...").
I am using the following Code:
var String=Request["String"];
I even used the following:
var String= HttpUtility.HtmlEncode(Request["String"]);
String=Request["String"];
here is part of my code:
if(IsPost){
var Description =Request.Unvalidated["Description"];
// Here I insert into Database
and The FORM part is:
<form action="" enctype="multipart/form-data" method="post">
<div class="row">
<div class="two columns offset-by-two"><br/><label> Description: </label><br/></div>
<div class="eight columns"><textarea name="Description"></textarea></div>
I want to store the text from "Description" to my database....
You simply need to use Request.Unvalidated to reference inputs that contain HTML if you don't want ASP.NET Request validation kicking in within the ASP.NET Web Pages framework:
var text = Request.Unvalidated["myTextBox"];
Or:
var text = Request.Unvalidated("myTextBox");