ASP.NET MVC Razor render without encoding

Question

Razor encodes string by default. Is there any special syntax for rendering without encoding?

Lucas · Accepted Answer · 2013-03-26 15:32:34Z

up vote 305 down vote accepted

Since ASP.NET MVC 3, you can use:

@Html.Raw(myString)

edited Mar 26 '13 at 15:32

answered Dec 21 '10 at 17:53

Lucas

13.8k43538

6

This is not entirely correct. Yes, you can insert a raw string but if you have "'<>etc... these will be escaped. The correct way is to use the MvcHtmlString which will allow "illegal" characters. For instance, if you're encoding Json data... without encoding an entire model – Daniel B. Chapman Jun 28 '13 at 21:34

3

Daniel, Html.Raw() "returns markup that is not HTML encoded." – Lucas Jul 1 '13 at 14:13

1

Html.Raw() encodes the quotes... "myAttr='hello';myInt=10" – Serge Nov 27 '15 at 8:39

add a comment |

Matthew Vines · Answer 2 · 2010-11-01 17:53:37Z

up vote 50 down vote

@(new HtmlString(myString))

answered Nov 1 '10 at 17:53

Matthew Vines

19k65488

3

Thanks! This works in MVC2, which didn't have Html.Raw()! – Jeff Mar 14 '14 at 14:56

add a comment |

Jonathan Moffatt · Answer 3 · 2011-06-29 08:05:06Z

As well as the already mentioned @Html.Raw(string) approach, if you output an MvcHtmlString it will not be encoded. This can be useful when adding your own extensions to the HtmlHelper, or when returning a value from your view model that you know may contain html.

For example, if your view model was:

public class SampleViewModel
{
  public string SampleString { get; set; }
  public MvcHtmlString SampleHtmlString { get; set; }
}

then

<!-- this will be encoded -->
<div>@Model.SampleString</div>
<!-- this will not be encoded -->
<div>@Html.Raw(Model.SampleString)</div>
<!-- this will not be encoded either -->
<div>@Model.SampleHtmlString</div>

Code Chief · Answer 4 · 2015-04-06 21:43:45Z

Use @Html.Raw() with caution as you may cause more trouble with encoding and security. I understand the use case as I had to do this myself, but carefully... Just avoid allowing all text through. For example only preserve/convert specific character sequences and always encode the rest:

@Html.Raw(Html.Encode(myString).Replace("\n", "<br/>"))

Then you have peace of mind that you haven't created a potential security hole and any special/foreign characters are displayed correctly in all browsers.

+1 Exactly what I needed! The string still needs to be encoded but the line returns need to be html. Thanks! — Peter, Mar 14 '16 at 19:41

Hamid Shahid · Answer 5 · 2016-04-21 14:16:18Z

up vote 1 down vote

You can also use the WriteLiteral method

answered Apr 21 '16 at 14:16

Hamid Shahid

2,3361124

add a comment |

gutsy_guy · Answer 6 · 2017-02-09 06:14:44Z

up vote 1 down vote

In case of ActionLink, it generally uses HttpUtility.Encode on the link text. In that case you can use HttpUtility.HtmlDecode(myString) it worked for me when using HtmlActionLink to decode the string that I wanted to pass. eg:

  @Html.ActionLink(HttpUtility.HtmlDecode("myString","ActionName",..)

edited Feb 9 at 6:14

answered Feb 9 at 4:59

gutsy_guy

297

yea that did the trick for me wow – skates008 Feb 28 at 11:06

add a comment |

Farbod · Answer 7 · 2016-11-03 21:05:24Z

up vote 0 down vote

HTML RAW : @Html.Raw(yourString)

answered Nov 3 '16 at 21:05

Farbod

5113

add a comment |

asked	6 years ago
viewed	74857 times
active	1 month ago

ASP.NET MVC Razor render without encoding

7 Answers 7

Your Answer

Not the answer you're looking for? Browse other questions tagged c# .net asp.net asp.net-mvc razor or ask your own question.

Visit Chat

Linked

Hot Network Questions

ASP.NET MVC Razor render without encoding

7 Answers 7

Your Answer

Sign up or log in

Post as a guest

Not the answer you're looking for? Browse other questions tagged c# .net asp.net asp.net-mvc razor or ask your own question.

Visit Chat

Linked

Related

Hot Network Questions