后台不需要担心跨站脚本攻击(XSS攻击)。可以将微软提供的脚本验证功能关闭。CKEditorDemo.aspx页面中加入<%@ ValidateRequest="false" %> ,并且配置文件加入如下代码:
Web.config:
<system.web>
<httpRuntime requestValidationMode="2.0"/>
</system.web>
将CKEditor插件的文件复制到网站中。引入JS脚本文件: <script src="/ckeditor/ckeditor.js"></script>
CKEditorDemo.aspx:
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="CKEditorDemo.aspx.cs" Inherits="BookShop.Web.Test.CKEditorDemo"
ValidateRequest="false" %> <!--将ValidateRequest的值设为false-->
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title></title>
<script src="/ckeditor/ckeditor.js"></script> <!--引入CKEditor的JS文件-->
<script type="text/javascript">
//用CKEditor替换<textarea id="editorID">中的内容。
var editor = CKEDITOR.replace('editorID');
</script>
</head>
<body>
<form id="form1" runat="server">
<div>
<textarea cols="100" id="editorID" name="editorName" rows="10"></textarea>
<input type="submit" value="提交" />
</div>
</form>
CKEditorDemo.aspx.cs:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
namespace BookShop.Web.Test
{
public partial class CKEditorDemo : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (IsPostBack)
{
Response.Write(Request.Form["editorName"]); //接收客户端传过来的数据。
}
}
}
}