如何强制 jqGrid 4.10.1-pre 始终对 ' 字符进行编码

How to force jqGrid 4.10.1-pre to encode ' character always

免费的jqgrid使用设置

autoencode: true

网格定义包含:

                $grid.jqGrid({
                    url: '/admin/API/Entity',
                    datatype: "json",
                    editurl:'/admin/Detail/Edit'

在线编辑 <a 字符被输入到 Nimetus 列,数据以 url-encoded 格式发布到服务器。

Request URL:http://localhost:52216/admin/Detail/Edit?_entity=DokG&_dokumnr=135322&_vmnr=0
Request Method:POST
Status Code:490 OK
Response Headers
view source
Cache-Control:private, s-maxage=0
Content-Length:122
Content-Type:application/json; charset=utf-8
Date:Mon, 23 Nov 2015 15:31:54 GMT
Server:Microsoft-IIS/10.0
X-AspNet-Version:4.0.30319
X-SourceFiles:=?UTF-8?B?STpccmFhbWF0XEVldmFXZWJcRWV2YS5FcnBcRGV0YWlsXEVkaXQ=?=
Request Headers

POST /admin/Detail/Edit?_entity=DokG&_dokumnr=135322&_vmnr=0 HTTP/1.1
Host: localhost:52216
Connection: keep-alive
Content-Length: 1724
Accept: */*
Origin: http://localhost:52216
X-Requested-With: XMLHttpRequest

Query String Parameters

_entity:DokG
_dokumnr:135322
_vmnr:0
Form Data
view parsed
Kogus=&Nimetus=%3Ca&Mootyhik0_nimetus=&Hinnak=&Hind=&Myygikood=&_rowsum=0.00&Rtellimus=&Toode=&Kulukonto=&Yhik=&Id=0&Dokumnr=135322&Reanr=3&_oper=edit&_rowid=1648&_dokdata=%5B%7B%22name%22%3A%22Klient0_nimi%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Tasudok%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Kuupaev%22%2C%22value%22%3A%222015-11-23%22%7D%2C%7B%22name%22%3A%22Kellaaeg%22%2C%22value%22%3A%2217+29%22%7D%2C%7B%22name%22%3A%22Maksetin1_tingimus%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Tarnekla2_nimetus%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Konto3_tekst%22%2C%22value%22%3A%22112%22%7D%2C%7B%22name%22%3A%22Yksus%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Tasukuup%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Knr%22%2C%22value%22%3A%2213111%22%7D%2C%7B%22name%22%3A%22Alamdok4_nimetus%22%2C%22value%22%3A%22ASL%22%7D%2C%7B%22name%22%3A%22Raha%22%2C%22value%22%3A%22EUR%22%7D%2C%7B%22name%22%3A%22Eimuuda%22%2C%22value%22%3A%22false%22%7D%2C%7B%22name%22%3A%22Prladu5_laonimi%22%2C%22value%22%3A%221%22%7D%2C%7B%22name%22%3A%22Krdokumnr%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Tekst1%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Pais7obj%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Klient%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Maksetin%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Tarneklaus%22%2C%22value%22%3A%22%22%7D%2C%7B%22name%22%3A%22Arvekonto%22%2C%22value%22%3A%22112%22%7D%2C%7B%22name%22%3A%22Oper%22%2C%22value%22%3A%22ASL%22%7D%2C%7B%22name%22%3A%22Laonr%22%2C%22value%22%3A%221%22%7D%2C%7B%22name%22%3A%22Dokumnr%22%2C%22value%22%3A%22135322%22%7D%2C%7B%22name%22%3A%22Kinnitatud%22%2C%22value%22%3A%22False%22%7D%5D

ASP.NET MVC4 控制器使用反射来调用使用 ControllerContext.HttpContext.Request.Form["Nimetus"]

读取此值的方法

此访问导致异常

System.Web.HttpRequestValidationException was unhandled by user code

  Message=A potentially dangerous Request.Form value was detected from the client (Nimetus="<a").

行出现异常

ControllerContext.HttpContext.Request.Form["Nimetus"]

如何解决这个问题?

编辑控制器方法签名为

[AcceptVerbs(HttpVerbs.Post)]
[HandleJsonException]
public JsonResult Edit(string _entity, string _dokdata, int? _dokumnr, string _rowid,
    int? _vmnr, string _isik)

更新

文档header数据使用

作为_dokdata参数传递
    extraparam: { _dokdata: getEevaFormData },

   $.extend(true,$.jgrid.inlineEdit, {
        position: "beforeSelected",
        focusField: false,
        restoreAfterError: false,
        afterrestorefunc: function(rowId) {
            updateButtonState($grid, rowId);
            setFocusToGrid();
            lastSelectedRow = undefined;
        },
        aftersavefunc: function(rowId, response) {

            afterSaveFuncAfterAdd.call(this, rowId, response);

        },

        oneditfunc: function(rowId) {
            onInlineEdit(rowId);
            updateButtonState($grid, rowId);
        },
        keys: true,
        rowID: '_empty',
        useDefValues: true,
        extraparam: { _dokdata: getEevaFormData },
        errorfunc: errorfunc
    });

Controller _dokdata 参数现在包含函数定义,其中 " 替换为 &quot;

function getEevaFormData() {
    return JSON.stringify($(&quot;#_form&quot;).serializeArray());
}

实际上它应该包含 json 这个函数调用的结果字符串

我将 '/ 的编码还原为 &#x27;&#x2F; 在免费的 jqGrid 中进行的编码。请参阅 the commit 以及原因说明。我认为 jqGrid 的部分需要更改,但我现在恢复到以前的行为。