Changing regex "^[^<>]+$" by Html.Encode in ASP.net?

I need to allow symbols < > but also prevent XSS attacks, so I'm trying to use HTML.Encode() method:

 @Html.TextAreaFor(model => Model.Text, 15, 5,
 new { placeholder = ReviewResources.ReviewPlaceholder, data_val = "true",
 data_val_regex=ReviewResources.IllegalSymbolsMessage,
 data_val_regex_pattern="^[^<>]+$"}

Changing for:

 @Html.TextAreaFor(model => @Html.Encode(Model.Text), 15, 5,
 new { placeholder = ReviewResources.ReviewPlaceholder, data_val = "true"}

But I'm getting an exception:

 {"Templates can be used only with field access, property access, 
single-dimension array index, or single-parameter custom indexer expressions."}

How to use correctly encoding from < to < and et cetera?

edited Sep 6, 2014 at 11:38

Unihedron

11k13 gold badges64 silver badges72 bronze badges

asked Sep 3, 2014 at 17:04

Anton Kozlovsky

2131 silver badge15 bronze badges

You need to explain what you're trying to do better. You need to allow angle brackets for what purpose?
– Casey
Commented Sep 3, 2014 at 17:16
i just needed them for "=>"symbols or math operations (a>b)
– Anton Kozlovsky
Commented Sep 3, 2014 at 17:19

Add a comment |

0 Your Answer

Sign up or log in

Post as a guest

Name

Required, but never shown

Post as a guest

Name

Required, but never shown

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.

Collectives™ on Stack Overflow

Changing regex "^[^<>]+$" by Html.Encode in ASP.net?

0

Your Answer

Hot Network Questions

Collectives™ on Stack Overflow

0

Know someone who can answer? Share a link to this question via email, Twitter, or Facebook.

Your Answer

Sign up or log in

Post as a guest