ASP.NET MVC Accepting HTML Input from View
By default, ASP.NET will not allow any HTML or JavaScript tags to be entered as text for an input field. It will throw an error stating:
"A potentially dangerous Request.Form value was detected from the client..."
This is a built-in security mechanism to prevent Cross-Site Scripting (XSS) or other forms of injection attacks. However for my blog, I needed to be able to accept HTML tags for the blog posts, so I did some research and found two primary ways around this problem.
[ValidateInput( …