I have this string below:
<List>\r\n <First>\r\n <Second>BlaBla..</Second>\r\n...
But in View (MVC Asp.Net) presenting in one line only.
What can I do to respect the \r\n to broke in a new line?
Thanks
\r\n will format your string in source, it will be visible when you view HTML source of your page. You need to use HTML <br> tag instead of \r\n, so your browser will format your output accordingly.
Apart from the other answers that suggest using <br/>, you can also use the CSS white-space property which can actually make line breaks when it sees \r\n, or the <pre> tag which has this set up by default. See: http://www.w3schools.com/cssref/pr_text_white-space.asp
Assuming that your view is an HTML page rendered in the browser, understand that HTML does not render line break characters. The source code will, but not the HTML. If you need line breaks, you should use a tag structure that renders them, such as <p> or <br>.
Related
I have a contenteditable div the user enter data. When they enter line break, each browser stores the data differently. When I export this data to Word using HtmlToOpenXml it adds a blank line for the content and I want to avoid that so the html page and word doc look the same.
One option for me is to replace the tags <br>, <div>, <p> with blank and then replace the </div> and </p> with <br/> in the C# code using RegEx. But I do not know what all formatting is used for contenteditable div by different browsers and this implementation may not help.
I would like to know what is the best way to address this or is there any open source tool/dll that helps me with this issue?
e.g. ContentEditable div actual data in browsers looks like below
Chrome -
line1<div>line2</div><div>line3</div>
IE Edge-
<div>line1</div><div>line22</div><div>line3<br></div>
FireFox - I read it uses <p> </p> instead of <div> </div>
Safari - ????
A Solution I found:
You could use RegEx, which I highly recommend in C# for parsing information.
Then effectively based on the formatting you could narrow down what browser it is and then move on towards parsing it's output and what its XML means universally. This will not be easy but no cross-platform ever truly is. I would give a example of how this could be done, but RegEx in all honesty takes a good amount of work and it would be quite a bit of code to make a example that could show you how to parse it and find out what the browser is.
I create a String in a view and want to output it to the screen.
Initially I tried Response.Write but, due to reasons explained elsewhere on this site, the content appeared at the top of the page. I then attempted to output the string using # like so: #myString.
This worked, in that it output the text at the right location but it escaped HTML links that I had put in there. How do I get around this problem?
You can use Html.Raw():
#Html.Raw(MyStringVar)
Instead of string you will want to use:
#{
var myString = new MvcHtmlString("<tags>Text</tags>");
}
Then when you inline render it:
#myString
It'll display the correct value instead of escaped text.
Edit: Alternative
The other option is you can just create the MvcHtmlString inline so it renders appropriately.
#(new MvcHtmlString(myString))
You can use the Html.Raw function for this
For example:
#Html.Raw(Model.YourString)
#model myString
#Html.Raw(Model)
Try #Html.Raw(myString).
I do not recommend doing this. You don't send html output to screen for various reasons. if you want to put the text in certain part of the screen, use html/css styling in the view and send only the output.
You could do it this way:
#Html.Raw(myString)
I have some HTML code to show up on an HTML page, so it must not be interpreted as HTML.
Also, I'd like to maintain space/empty line and so on.
I'm on C#/.NET 3.5 : what can I use?
Just use HtmlEncode.
Encodes a string to be displayed in a browser.
And documented in the overloads:
HTML encoding makes sure that text is displayed correctly in the browser and not interpreted by the browser as HTML. For example, if a text string contains a less than sign (<) or greater than sign (>), the browser would interpret these characters as the opening or closing bracket of an HTML tag. When the characters are HTML encoded, they are converted to the strings < and >, which causes the browser to display the less than sign and greater than sign correctly.
It is not clear for what purpose you want to display this, but you may want to pretty print before HTML encoding (the HTML Agility Pack may do this, not sure) - and to show it as fixed width you can enclose in a <pre> element.
Since you're not actually saying which technology within .Net you are using to render your Html page (Asp.Net WebForms or MVC or whatever) the answer falls back to how you would do it in HTML, regardless of your server technology. After that, how you actually achieve this output is entirely up to you.
Render it in a <pre /> block:
<pre>
<p>hello world!</p>
<pre>
Here the text will appear as <p>Hello world!</p> and, by default, appear in a fixed-width font and all whitespace will be retained.
I have to break a HTML content string in to multiple lines...
And each line should have some fixed characters, 50 or 60
Also I don't want to break the word..or html tags...
ex : <p>Email: someone#gmail.com</p>
<p><em>"Text goes <font color=red>Hello world</font> Text goes here and Text goes here   Text goes here 1976."</em> </p>
How can I acheive this in C# ?
Any help would be appreciated...
I think you will need a HTML parser, and then you will have to serialize it again.
Instead of creating your own parser and serializer you should look into existing libraries.
For the parser I recommend the OSS Html Agility Pack
I have a requirement that user can input HTML tags in the ASP.NET TextBox. The value of the textbox will be saved in the database and then we need to show it
on some other page what he had entered. SO to do so I set the ValidateRequest="false" on the Page directive.
Now the problem is that when user input somthing like :
<script> window.location = 'http://www.xyz.com'; </script>
Now its values saved in the database, but when I am showing its value in some other page It redirects me to "http://www.xyz.com" which is obvious
as the javascript catches it. But I need to find a solution as I need to show exactly what he had entered.
I am thinking of Server.HtmlEncode. Can you guide me to a direction for my requirement
Always always always encode the input from the user and then and only then persist in your database. You can achieve this easily by doing
Server.HtmlEncode(userinput)
Now, when it come time to display the content to the user decode the user input and put it on the screen:
Server.HtmlDecode(userinput)
You need to encode all of the input before you output it back to the user and you could consider implementing a whitelist based approach to what kind of HTML you allow a user to submit.
I suggest a whitelist approach because it's much easier to write rules to allow p,br,em,strong,a (for example) rather than to try and identify every kind of malicious input and blacklist them.
Possibly consider using something like MarkDown (as used on StackOverflow) instead of allowing plain HTML?
You need to escape some characters during generating the HTML: '<' -> <, '>' -> >, '&' -> &. This way you get displayed exactly what the user entered, otherwise the HTML parser would possibly recognize HTML tags and execute them.
Have you tried using HTMLEncode on all of your inputs? I personally use the Telerik RadEditor that escapes the characters before submitting them... that way the system doesn't barf on exceptions.
Here's an SO question along the same lines.
You should have a look at the HTML tags you do not want to support because of vulnerabilities as the one you described, such as
script
img
iframe
applet
object
embed
form, button, input
and replace the leading "<" by "& lt;".
Also replace < /body> and < /html>
HTML editors such as CKEditor allow you to require well-formed XHTML, and define tags to be excluded from input.