如何强制jqGrid 4.10.1-pre编码’字符总是
免费jqgrid使用设置
autoencode: true 网格定义包含:
$grid.jqGrid({ url: '/admin/API/Entity', datatype: "json", editurl:'/admin/Detail/Edit'
在内联编辑中<a字符输入Nimetus列,数据以url编码格式发布到服务器。
Request URL:http://localhost:52216/admin/Detail/Edit?_entity=DokG&_dokumnr=135322&_vmnr=0 Request Method:POST Status Code:490 OK Response Headers view source Cache-Control:private, s-maxage=0 Content-Length:122 Content-Type:application/json; charset=utf-8 Date:Mon, 23 Nov 2015 15:31:54 GMT Server:Microsoft-IIS/10.0 X-AspNet-Version:4.0.30319 X-SourceFiles:=?UTF-8?B?STpccmFhbWF0XEVldmFXZWJcRWV2YS5FcnBcRGV0YWlsXEVkaXQ=?= Request Headers POST /admin/Detail/Edit?_entity=DokG&_dokumnr=135322&_vmnr=0 HTTP/1.1 Host: localhost:52216 Connection: keep-alive Content-Length: 1724 Accept: */* Origin: http://localhost:52216 X-Requested-With: XMLHttpRequest Query String Parameters _entity:DokG _dokumnr:135322 _vmnr:0 Form Data view parsed Kogus=&Nimetus=%3Ca&Mootyhik0_nimetus=&Hinnak=&Hind=&Myygikood=&_rowsum=0.00&Rtellimus=&Toode=&Kulukonto=&Yhik=&Id=0&Dokumnr=135322&Reanr=3&_oper=edit&_rowid=1648&_dokdata=%5B%7B%22name%22%3A%22Klient0_nimi%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Tasudok%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Kuupaev%22%2C%22value%22%3A%222015-11-23%22%7D%2C%7B%22name%22%3A%22Kellaaeg%22%2C%22value%22%3A%2217+29%22%7D%2C%7B%22name%22%3A%22Maksetin1_tingimus%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Tarnekla2_nimetus%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Konto3_tekst%22%2C%22value%22%3A%22112%22%7D%2C%7B%22name%22%3A%22Yksus%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Tasukuup%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Knr%22%2C%22value%22%3A%2213111%22%7D%2C%7B%22name%22%3A%22Alamdok4_nimetus%22%2C%22value%22%3A%22ASL%22%7D%2C%7B%22name%22%3A%22Raha%22%2C%22value%22%3A%22EUR%22%7D%2C%7B%22name%22%3A%22Eimuuda%22%2C%22value%22%3A%22false%22%7D%2C%7B%22name%22%3A%22Prladu5_laonimi%22%2C%22value%22%3A%221%22%7D%2C%7B%22name%22%3A%22Krdokumnr%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Tekst1%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Pais7obj%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Klient%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Maksetin%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Tarneklaus%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Arvekonto%22%2C%22value%22%3A%22112%22%7D%2C%7B%22name%22%3A%22Oper%22%2C%22value%22%3A%22ASL%22%7D%2C%7B%22name%22%3A%22Laonr%22%2C%22value%22%3A%221%22%7D%2C%7B%22name%22%3A%22Dokumnr%22%2C%22value%22%3A%22135322%22%7D%2C%7B%22name%22%3A%22Kinnitatud%22%2C%22value%22%3A%22False%22%7D%5D
ASP.NET MVC4控制器使用reflection调用方法,该方法使用ControllerContext.HttpContext.Request.Form["Nimetus"]读取此值
此访问会导致exception
System.Web.HttpRequestValidationException was unhandled by user code Message=A potentially dangerous Request.Form value was detected from the client (Nimetus="<a").
行发生exception
ControllerContext.HttpContext.Request.Form["Nimetus"]
如何解决这个问题?
编辑控制器方法签名是
[AcceptVerbs(HttpVerbs.Post)] [HandleJsonException] public JsonResult Edit(string _entity, string _dokdata, int? _dokumnr, string _rowid, int? _vmnr, string _isik)
更新
文档标题数据作为_dokdata参数传递使用
extraparam: { _dokdata: getEevaFormData },
在
$.extend(true,$.jgrid.inlineEdit, { position: "beforeSelected", focusField: false, restoreAfterError: false, afterrestorefunc: function(rowId) { updateButtonState($grid, rowId); setFocusToGrid(); lastSelectedRow = undefined; }, aftersavefunc: function(rowId, response) { afterSaveFuncAfterAdd.call(this, rowId, response); }, oneditfunc: function(rowId) { onInlineEdit(rowId); updateButtonState($grid, rowId); }, keys: true, rowID: '_empty', useDefValues: true, extraparam: { _dokdata: getEevaFormData }, errorfunc: errorfunc });
Controller _dokdata参数现在包含“替换为"函数定义"
function getEevaFormData() { return JSON.stringify($("#_form").serializeArray()); }
实际上它应该包含json字符串,这是该函数调用的结果
我还原了'和/到'编码 和/ 在免费的jqGrid中制作。 请参阅提交以及原因说明。 我认为jqGrid的部分需要改变,但我现在恢复到以前的行为。