Changing Query String values in ASP.NET MVC

Recently I was trying to update a query string by adding or updating a parameter for URLs generated in a partial view.

I found an excellent example for achieving this by setting route data here however this didn’t preserve current query string values in the URL. I’ve extended upon that code and updated it to include the query string values in the route data which will be appended to the query string in the generated URL (assuming the parameter key doesn’t match part of the route).

Disabling an ASP.NET MVC input control

I love ASP.NET MVC. It is a great framework to get web apps quickly built. However using the built in HtmlHelper methods on your views isn’t without its issues.

An example of this is when trying to disable a HTML input control which has been built using HtmlHelper. You can add the “disabled” attribute which would be required by making use of one of the helper’s overloads however if you want to conditionally disable a control (based on your view model) it can result in your view’s code becoming more inflated than you might have initially though it would need to be!

To try and help with this I created a simple extension which will add the required attribute based on a passed in boolean value.

This is a very simplistic helper which can be improved upon but it served it’s need when it was created.

It can be used as follows.

How to allow HTML content in ASP .NET MVC

Sometimes in web development, you need to provide an easy-to-use editor for non-technical users to input or change content where extra styling is required such as making text bold or italic.

However unless you use (or code yourself) an editor which uses some form of BBCode you’re going to come across the following error message if you’re using ASP .NET.

A potentially dangerous Request.Form value was detected from the client

 

I have seen various “fixes” to this suggested, the most frequent being turning off request validation entirely. While this will get your form working, it also lowers the security of your application since any text field will accept HTML content. This could be used to inject scripts or to deface your website, in either case this is bad news.

However in ASP .NET MVC you can specify the [AllowHtml] attribute above a property in your model to allow HTML content to be entered and maintain security in the rest of your application.