Exam Question

You are developing a controller for an ASP.NET MVC application that manages message board postings. The security protection built in to ASP.NET is preventing users from saving their HTML. You need to enable users to edit and save their HTML while maintaining existing security protection measures. Which code segment should you use?

• A. [ValidateInput(false)]
  public class MessageBoardController: Controller
  {

  public ActionResult SavePosting(MessageBoardPosting mbp)
  {

  SaveMessageBoardPosting(mbp);
  return View("ManagePosting");

  }

  }
• B. public class MessageBoardController: Controller
  {

  [ValidateInput(true)]
  public ActionResult SavePosting(MessageBoardPosting mbp)
  {

  SaveMessageBoardPosting(mbp);
  return View("ManagePosting");

  }

  }
• C. [ValidateInput(true)]
  public class MessageBoardController: Controller
  {

  public ActionResult SavePosting(MessageBoardPosting mbp)
  {

  SaveMessageBoardPosting(mbp);
  return View("ManagePosting");

  }

  }
• D. public class MessageBoardController: Controller
  {

  [ValidateInput(false)]
  public ActionResult SavePosting(MessageBoardPosting mbp)
  {

  SaveMessageBoardPosting(mbp);
  return View("ManagePosting");

  }

  }