I have a table in my db where one of the properties is an Html page (without the html, head and body tags), and I intend to put it in the middle of one of my views - say, I call a cotroller method that takes an argument, and return a view passing this html big string as the model. I searched for it (not much, I admit), and found the following method: <pre class="prettyprint"><code><%= System.Web.HttpUtility.HtmlDecode(yourEncodedHtmlFromYouDatabase) %> </code></pre> That was found here in stackoverflow. When I tried a similar razor aproach, I ended up with this: <pre class="prettyprint"><code>@System.Web.HttpUtility.HtmlDecode("<h1>Test</h1>") </code></pre> That's the idea, but it didn't work quite as I planned.

All you need is: <code>@Html.Raw(yourEncodedHtmlFromYouDatabase)</code> I'm assuming that the html in the database has been properly sanitized (or at least from a reliable source), because if not, you could be opening yourself up to cross-site scripting attacks. The reason your approach didn't work is that Razor HTML-encodes output by default (every time you use <code>@</code> to display something). <code>Html.Raw</code> tells Razor that you trust the HTML and you want to display it without encoding it (as it's already raw HTML).

You can also return a HTMLString and Razor will output the correct formatting, for example. <pre class="prettyprint"><code>@Html.GetSomeHtml() public static HtmlString GetSomeHtml() { var Data = "abc 123"; return new HtmlString(Data); } </code></pre> This will allow you to display HTML

Is it possible to display raw Html from database in ASP.NET MVC 3?

Tags:

asp.net-mvc-3

razor

I have a table in my db where one of the properties is an Html page (without the html, head and body tags), and I intend to put it in the middle of one of my views - say, I call a cotroller method that takes an argument, and return a view passing this html big string as the model. I searched for it (not much, I admit), and found the following method:

<%= System.Web.HttpUtility.HtmlDecode(yourEncodedHtmlFromYouDatabase) %>

That was found here in stackoverflow. When I tried a similar razor aproach, I ended up with this:

@System.Web.HttpUtility.HtmlDecode("<h1>Test</h1>")

That's the idea, but it didn't work quite as I planned.

796

asked Jan 25 '11 20:01

Bruno Machado - vargero

2 Answers

All you need is: @Html.Raw(yourEncodedHtmlFromYouDatabase)

I'm assuming that the html in the database has been properly sanitized (or at least from a reliable source), because if not, you could be opening yourself up to cross-site scripting attacks.

The reason your approach didn't work is that Razor HTML-encodes output by default (every time you use @ to display something). Html.Raw tells Razor that you trust the HTML and you want to display it without encoding it (as it's already raw HTML).

191

answered Sep 22 '22 23:09

Bennor McCarthy

You can also return a HTMLString and Razor will output the correct formatting, for example.

@Html.GetSomeHtml()

public static HtmlString GetSomeHtml()
{
    var Data = "abc<br/>123";
    return new HtmlString(Data);
}

This will allow you to display HTML

answered Sep 22 '22 23:09

LiamB

Related questions
                            
                                Knockout + mvc 3 + Validation
                            
                                ASP.NET MVC - Authenticate users against Active Directory, but require username and password to be inputted
                            
                                MVC template from folder other than default (EditorTemplates/DisplayTemplates)?
                            
                                ASP.NET MVC3 Partial View naming convention
                            
                                Failed to load resource: the server responded with a status of 500 (Internal Server Error) in Bind function [closed]
                            
                                HTML.Encode but preserve line breaks
                            
                                Loading a partial view in jquery.dialog
                            
                                To allow GET requests, set JsonRequestBehavior to AllowGet
                            
                                MVC3 unobtrusive validation group of inputs
                            
                                Upgrading WebGrease to version 1.3.0 gets me error
                            
                                How can I render Partial views in asp.net mvc 3?
                            
                                How to use Console.WriteLine in ASP.Net MVC 3
                            
                                Web.config transformation: Unrecognized attribute 'xmlns:xdt'. Note that attribute names are case-sensitive
                            
                                Limit to 2 decimals in TextBoxFor
                            
                                Unable to find the requested .Net Framework Data Provider. It may not be installed. - when following mvc3 asp.net tutorial
                            
                                MVC3 Url.Action querystring generation
                            
                                Is there any good reason to use FormCollection instead of ViewModel?
                            
                                Complex models and partial views - model binding issue in ASP.NET MVC 3
                            
                                MVC3 Non-Sequential Indices and DefaultModelBinder
                            
                                The following sections have been defined but have not been rendered for the layout page

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With