Completely solves the "Request. Form values detected from the client" and detects potential risks from the client.

Completely solves the "Request. Form values detected from the client" and detects potential risks from the client.

It is not recommended to set validateRequest = "false" because the application needs to explicitly check all input, which is inconvenient.

1. The front end uses escape to encode the string, for example:

var editor = $("textarea[name='editorValue']");$("#contents").val(escape(editor.val()));var formData = new FormData($("#frm")[0]);

2. the backend uses the Server. UrlDecode Method for decoding, for example:

model.contents = Server.UrlDecode(model.contents);

3. The View page is displayed in the editor, for example:

ue.addListener('ready', function (editor) {    var contents = decodeHtml("@content.contents");    ue.setContent(contents);});

JS method decodeHtml code:

function decodeHtml(val) {    return val.replace(/&lt;/g, "<")              .replace(/&gt;/g, ">")              .replace(/&quot;/g, "\"")              .replace(/&#039;/g, "'")              .replace(/&amp;/g, "&");}function encodeHtml(val) {    return val.replace(/&/g, "&amp;")              .replace(/</g, "&lt;")              .replace(/>/g, "&gt;")              .replace(/"/g, "&quot;")              .replace(/'/g, "&#039;");}