Skip to content

Ensure SystemTextJsonHelper always HTML encodes user content #9946

New issue
New issue
Closed
Closed
Ensure SystemTextJsonHelper always HTML encodes user content#9946
Assignees
pranavkm
Labels
DoneThis issue has been fixedarea-mvcIncludes: MVC, Actions and Controllers, Localization, CORS, most templatestask
Milestone
 
3.0.0-preview9
@pranavkm

Description

@pranavkm
pranavkm
opened on May 3, 2019

As part of https://github.com/dotnet/corefx/issues/37192, JsonSerializerOptions would expose a property that allows customizing the JavaScript encoder. SystemTextJsonHelper uses the user configured JsonSerializerOptions.

We need to do the same thing here as we do with Json.Net i.e. copy the settings, but reset the encoder to ensure it's restrictive.

Metadata

Metadata

Assignees

Labels

DoneThis issue has been fixedarea-mvcIncludes: MVC, Actions and Controllers, Localization, CORS, most templatestask

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions