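This suggests that a value that bubbles up to a view can be sanitized against XSS like so in Razor markup. Encode the value first, then insert the <br /> tags, and pass the result through Html.Raw so that Razor does not encode it a second time:
@Html.Raw(Html.Encode(Model.MyMultilineTextField).Replace("\n", "<br />"))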
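The same encode-then-replace order as a console program, added here as an example that is not code from the original post. `MultilineText.ToHtml` and `WrongOrder` are hypothetical names, and `System.Net.WebUtility.HtmlEncode` stands in for the `Html.Encode` view helper so the code runs outside a view.

```csharp
using System;
using System.Net;

public static class MultilineText
{
    // Hypothetical helper (not part of ASP.NET MVC): encode first, then add the
    // only markup we intend to emit. The result is what a view would hand to Html.Raw.
    public static string ToHtml(string text)
    {
        if (string.IsNullOrEmpty(text)) return string.Empty;

        // Browsers submit textarea line breaks as \r\n; normalize so that
        // every style of line ending becomes exactly one <br />.
        string normalized = text.Replace("\r\n", "\n").Replace('\r', '\n');

        // Encoding happens before the <br /> tags are inserted, so any markup
        // in the user's text is neutralized and only our own tags survive.
        return WebUtility.HtmlEncode(normalized).Replace("\n", "<br />");
    }

    // Wrong order, shown for contrast: the <br /> tags are encoded along with
    // the user's text and show up on the page as literal characters.
    public static string WrongOrder(string text)
    {
        string withBreaks = text.Replace("\n", "<br />");
        return WebUtility.HtmlEncode(withBreaks);
    }

    public static void Main()
    {
        // Constructed sample input: three lines, the middle one containing markup.
        string input = "Line one\r\n<script>alert(1)</script>\r\nLine three";

        Console.WriteLine(ToHtml(input));
        Console.WriteLine(WrongOrder(input));
    }
}
```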