How to save data (e.g. Html) to database and retrieve it properly

Source: http://stackoverflow.com/questions/21662766/how-to-save-html-to-database-and-retrieve-it-properly

The rule of thumb is the following: store the raw HTML in your database, without any encoding or sanitization. A SQL server doesn't care if you store a string containing XSS code. When displaying this output on your page, make sure that it is sanitized. So:

    [HttpPost, ActionName("Create")]
    [ValidateAntiForgeryToken]
    public ActionResult Create(Post model) …
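
Why the rule holds, as an added example that is not part of the original answer: the correct encoding depends on where the value is written, so it can only be chosen at output time. `PostStore` and `Render` are hypothetical names, the dictionary stands in for the database table, the input is constructed, and the code assumes .NET Core 3.0 or later. It covers the case where the stored text is displayed as text; rendering stored markup as markup needs an allow-list HTML sanitizer at the same point.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Text.Encodings.Web;

// Added illustration; PostStore and Render are hypothetical names.
static class PostStore
{
    // Stands in for the database table: the body is kept exactly as submitted.
    static readonly Dictionary<int, string> Rows = new Dictionary<int, string>();
    public static void Save(int id, string rawBody) => Rows[id] = rawBody;
    public static string Load(int id) => Rows[id];
}

static class Render
{
    // HTML element content or a quoted attribute value.
    public static string Html(string raw) => WebUtility.HtmlEncode(raw);
    // Inside a quoted JavaScript string literal.
    public static string Js(string raw) => JavaScriptEncoder.Default.Encode(raw);
    // A URL query-string value.
    public static string Url(string raw) => Uri.EscapeDataString(raw);
}

static class Program
{
    static void Main()
    {
        // Constructed sample input.
        string submitted = "<b>Hi</b> \"there\" <script>alert(1)</script> & co";
        PostStore.Save(1, submitted);
        string raw = PostStore.Load(1);

        // One stored value, a different encoding for each output context.
        Console.WriteLine("stored : " + raw);
        Console.WriteLine("html   : <p>" + Render.Html(raw) + "</p>");
        Console.WriteLine("attr   : <input value=\"" + Render.Html(raw) + "\">");
        Console.WriteLine("js     : var s = \"" + Render.Js(raw) + "\";");
        Console.WriteLine("url    : /search?q=" + Render.Url(raw));

        // Encoding at save time instead bakes in a single context.
        string encodedAtSave = Render.Html(submitted);
        // A view that encodes again turns every entity into visible text.
        Console.WriteLine("double : " + Render.Html(encodedAtSave));
        // HTML entities are not JavaScript escapes, so this is the wrong data.
        Console.WriteLine("in js  : var s = \"" + encodedAtSave + "\";");
    }
}
```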