Vulnerability in EPiServer.Forms
Hi!Does anyone have a best practise working example when posting from inside a block? That is, when using Razor's "Html.BeginForm".I must say that it's not exactly straight forward compared to how it was done in Web Forms. Can't find any examples in the Alloy test site either or maybe it's just because I have an old version installed. Also, when asking my friend Google the examples I find tend to be very verbose.
Do I understand you correctly that you would like to have a action inside block's controller with [HttpPost] attribute that will be responsible for handling "postback" from the form rendered in block view with Html.BeginForm()?
Long story short - that's not possible out of the box. As by default post backs are going back to the server and there has to be somebody who will handle the request. Usually in EPiServer context, that's page controller.
You can head over to Henrik's post (dated back to 2013) and see how that's achieved.
And thank you for the answer!
You understand me correctly and you also confirm what I suspected. Too bad there's no example in the Alloy test site...
As stated at the end of Henrik's post it could be worth trying to go with XHR/AJAX instead.