Missing configuration from pre-3.0: HtmlEncodeOutput
|Reported by:||jensenbox||Owned by:||garry.yao|
|Component:||Core : Output Data||Version:||SVN (CKEditor) - OLD|
It would appear that the 3.0.1 build does not contain a very important configuration for ASP.NET (and ASP.NET MVC) - the ability to encode the HTML prior to the form submission.
ASP.NET balks at any content being submitted that contains a < and a > with the message "A potentially dangerous Request.Form value was detected from the client"
This functionality was added in #1266 in a prior release.
It is possible to circumvent the issue with setting a "ValidateInput=false" setting however this is set either at the page level or the method level. Ideally this would be as granular as the field in question but those facilities do not exist at this time.
The ideal situation would be to have CKeditor pre-encode the content before submission to the server.
Change History (6)
comment:1 Changed 7 years ago by fredck
- Keywords Confirmed added
- Milestone set to CKEditor 3.1
- Type changed from Bug to New Feature
Changed 7 years ago by garry.yao
comment:2 Changed 7 years ago by garry.yao
- Keywords Review? added
- Owner set to garry.yao
- Status changed from new to assigned
comment:4 Changed 7 years ago by garry.yao
- Resolution set to fixed
- Status changed from assigned to closed