Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Choosing the MVC view engine

Tags:

asp.net-mvc

viewengine

I want to allow the end-users of my web application to modify views (via web based back office), stored in the database. The desired view engine is expected to be code-injection safe, meaning that the end-user will be limited to the absolute minimum number of expressions available, no server code inserts are allowed.

Is any suitable view engine available to download?

like image 362
leonard Avatar asked Feb 01 '26 04:02

leonard

1 Answers

I don't know of any existing engine, but Phil Haack has a post on storing views in a database: http://haacked.com/archive/2009/04/22/scripted-db-views.aspx

That post deals with the idea of user-created views. If you want to protect against XSS-style code injection attacks, you can sanitize your HTML.

like image 168
Dave Swersky Avatar answered Feb 03 '26 23:02

Dave Swersky
Sign in to Comment

Related questions

Changing ASP.NET MVC default folder structure
Converting ASP.NET MVC to n-Tiered Architecture
IOC to register repositories in service layer and services in the preentation layer
Using a dynamic list of checkboxes in a view, how to create the model
vNext redirect to login return 404
Giving a error message when out of range
The difference between IModelBinder and IModelBinderProvider asp.net mvc 3

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!