将数据从jQuery Ajax发送到MVC COntroller

I am trying to send an SVG string from my index page to my controller. But it's getting a null value.

我试图从我的索引页面发送一个SVG字符串到我的控制器。但它获得了一个空值。

var str = "<svg height=\"350\" version=\"1.1\" ... svg properties ..."
console.log(str);

$.ajax({
    type: "POST",
    //contentType: 'application/x-www-form-urlencoded; charset=UTF-8',
    //dataType: "text",
    url: window.location.origin + '/NavigationExport/GetSvgData',
    //data: '{"value":"' + str + '"}',
    data: {value :str},
}).done(function (data) {
    debugger
});

Here is my controller code.

这是我的控制器代码。

[HttpPost]
public void GetSvgData(string value)
{
    return;
}

but this code is giving me a 500 internal server error.

但是这段代码给了我500个内部服务器错误。

A potentially dangerous Request.Form value was detected from the client (value="<svg height="350" ve...").

从客户端检测到潜在危险的Request.Form值（value =“

Description: ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. The data might represent an attempt to compromise the security of your application, such as a cross-site scripting attack. If this type of input is appropriate in your application, you can include code in a web page to explicitly allow it. For more information, see http://go.microsoft.com/fwlink/?LinkID=212874.

说明：ASP.NET已检测到请求中有可能存在危险的数据，因为它可能包含HTML标记或脚本。数据可能表示试图破坏应用程序的安全性，例如跨站点脚本攻击。如果此类输入适用于您的应用程序，则可以在网页中包含代码以明确允许它。有关详细信息，请参阅http://go.microsoft.com/fwlink/?LinkID=212874。

If I use

如果我使用

data: '{"value":"' + str + '"}'

it sends null value to the controller

它将空值发送给控制器

2 个解决方案

#1

The issue is because MVC thinks you're trying to send HTML in the request, and prevents it to stop any XSS attacks. You can allow HTML/XML by adding the ValidateInput annotation to Action. In your case, try this:

问题是因为MVC认为您正在尝试在请求中发送HTML，并阻止它阻止任何XSS攻击。您可以通过将ValidateInput注释添加到Action来允许HTML / XML。在你的情况下，试试这个：

[HttpPost]
[ValidateInput(false)]
public void GetSvgData(string value)
{
    return;
}

2 个解决方案

#1

更多相关文章

随机推荐