ASP.NET MVC POST HTML rich text data to the server incompletely.

By admin - Last updated: Sunday, July 5, 2009 - Save & Share - Leave a Comment

Sometimes, when using javascript or JQuery to perform manual POST rich html content to the server,
the server could misunderstood the parameters and the data passing in.

For example, if you want to POST parameterised data.

title=mytitle&content=helloworld=firsttest

As you might notice helloworld=firsttest is actually user data, but by just posting the data above,
the server could confuse with the parameter name and its actually data.

For the server, it might take helloworld as the parameter name and only the “firsttest” is the data
( this might not be the case, just use it as an example )

In order to avoid this problem, javascript needs to escape the user data before posting it to the server,
especially ASP.NET MVC server side controller.

The correct data format above should be

title= mytitle&content=helloworld%3Dfirsttest

In Javascript,

var content = escape(“helloworld=firsttest”);
alert(content);

The alert will show helloworld%3Dfirsttest

UPDATE:
If passing the data in using JQuery $.post with json object, I found it doesn’t have any issue with escaping.
For example,

$.post(“<%= Url.Content(“~/Contact.mvc/SendMail“) %>”,
                            {
                               firstName: firstnameVal,
                               lastName : lastnameVal,
                               email: emailVal,
                               subject: subjectVal,
                               message: messageVal
                            },
                            function(data) {});



Posted in Javascript • Tags: , , Top Of Page

Write a comment


Captcha: + 4 = thirteen