Hi all;
I have a C1 page, with an MVC route handler on it.
The page contains a form, which gets posted through the C1 stack into my MVC controller (using the MvcPlayer function available from the Composite Addons).
The form allows the user to create and edit some HTML content.
Posting HTML content automatically flags issues on the ASP.NET stack, causing a security exception to be thrown, as per their documentation: http://msdn.microsoft.com/en-us/library/hh882339(v=vs.110).aspx
I adjusted my MVC Controller as per their recommendations to allow for the posting of HTML to it. However I noticed that the error was still occurring.
I checked the stack, and it clearly illustrated to me that the exception was happening within the Webforms handler for the Page.aspx page. Which kind of makes sense, as the C1 pages (frontend) are rendered/handled by this page, and in my case would then be piped into the MVC handler.
My problem now is, I can't seem to see any mechanism to only disable the Request Validation for my specific route/url. I can basically only switch the Request Validation on/off on the Page.aspx page like so:
Has anyone else out there experienced this issue and would you perhaps have a solution for this where I could isolate the disabling of the Request Validation down to the exact route/url that needs it?
Thank you all.
I have a C1 page, with an MVC route handler on it.
The page contains a form, which gets posted through the C1 stack into my MVC controller (using the MvcPlayer function available from the Composite Addons).
The form allows the user to create and edit some HTML content.
Posting HTML content automatically flags issues on the ASP.NET stack, causing a security exception to be thrown, as per their documentation: http://msdn.microsoft.com/en-us/library/hh882339(v=vs.110).aspx
I adjusted my MVC Controller as per their recommendations to allow for the posting of HTML to it. However I noticed that the error was still occurring.
I checked the stack, and it clearly illustrated to me that the exception was happening within the Webforms handler for the Page.aspx page. Which kind of makes sense, as the C1 pages (frontend) are rendered/handled by this page, and in my case would then be piped into the MVC handler.
My problem now is, I can't seem to see any mechanism to only disable the Request Validation for my specific route/url. I can basically only switch the Request Validation on/off on the Page.aspx page like so:
<%@ Page ValidateRequest="false" Language="C#" AutoEventWireup="true" Inherits="Renderers_Page" Codebehind="Page.aspx.cs" %>Has anyone else out there experienced this issue and would you perhaps have a solution for this where I could isolate the disabling of the Request Validation down to the exact route/url that needs it?
Thank you all.