Basic Reason:
Someone can easily inject some harm code into our website. So we need to encode user data before storing into database. Example some comments from users.
Solution:
In normal ASP.NET we need to encode user data explicitly but in ASP.NET MVC Razor all expressions are automatically HTML encoded. So no need to explicit handling.
If we want to display HTML code on webpage, we need to use @HTML.Raw(item.comments) in ASP.NET MVC.
Post a Comment
Please give your valuable feedback on this post. You can submit any ASP.NET article here. We will post that article in this website by your name.