Whenever I enter anything in < angle brackets > (as well as some other html syntaxy things) into my TextBoxFor an exception is thrown
@Html.TextBoxFor(model => model.tags, new { @class = "form-control", placeholder = "tags (comma separated)" })
A potentially dangerous Request.Form value was detected from the client (tags="").
I understand this occurs to prevent insecurities and that html encoding/decoding is the solution to my issue but I'm not sure how to implement it.
I've read in a few places that TextBoxFor does html encoding by default, but if that's true why am I having this issue?
To prevent this warning your have to put the [AllowHtml()] attribute on the tags property of your viewmodel.