Menu
I have this code in my controller:
[HttpGet]
public ActionResult Register(UserRegistrationModel model)
{
return View();
}
The reason I do like this is because the Register page can be pre-populated with values from querystring that are generated from other pages.
The problem is that when my view gets rendered, it shows the validation errors... Is there a way to bypass it?
369
To disable a validation controlSet the validation control's Enabled property to false.
To disable client-side validation, set the page's ClientTarget property to 'Downlevel' ('Uplevel' forces client-side validation). Alternatively, you can set an individual validator control's EnableClientScript property to 'false' to disable client-side validation for that specific control.
We can enable and disable the client-side validation by setting the values of ClientValidationEnabled & UnobtrusiveJavaScriptEnabled keys true or false. This setting will be applied to application level. For client-side validation, the values of above both the keys must be true.
Quick Answer: try using [ValidateInput(false)] on your 'GET' action methods
UPDATE: With asp.net 4, to get the framework to acknowledge the ValidateInput attribute, you'll need to configure the validation mode in the web.config as well.
Set the following as a child of the <system.web> element:
<httpRuntime requestValidationMode="2.0"/>
Why have a ViewModel in your 'GET' action methods?
To take advantage of the default model binder.
For example, we have Child Actions returning partial views that are bound to complex ViewModels setup and we don't want to explicitly instantiate and rebuild the ViewModel for each Child Action.
e.g The Edit page for a an Order page takes a an EditOrderViewModel which inherits the BaseUserViewModel which in turn contains user specific display data (username, cart item count, etc.).
So the action method to return the Edit view looks like:
[ValidateInput(false)]
[HttpGet]
public ViewResult Edit(EditOrderViewModel editOrderVm)
{
...
return View('Edit', editOrderVm );
}
Now as long as the Request to this child action method includes the properties of BaseUserViewModel somehow (e.g. through the Cookies, Form, and QueryString properties), then the default model binder will instantiate and populate the EditOrderViewModel with all the base view model data.
However, when we first load this page, we don't want the validation messages showing up in the form that the user hasn't had a chance to edit yet...
Hence, we turn off Model validation for the 'GET' request > just make sure you validate the 'POST' request!
154
Normally when running an action such as this you would tend to use individual parameters rather than a complete model; what it looks like is happening is the model binder is kicking in and validating your model for you.
Can you verify by debugging the action that ModelState.IsValid is false and that it has some keys in it relating to the fields on your model which are invalid? If so you could try to do a ModelState.Clear() before you return the view to prevent the validation errors from showing up in this case.
27
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
