0

I have an ASP.NET Web API on .NET Core 3.1 using the Microsoft.AspNetCore.OData package to implement several OData controllers. One of the models has a string field used to hold HTML, and I am using the model in the request body for one of the OData endpoints. Because the string content is HTML, it must contain double quotes which I am escaping in the JSON body. However, when the request body is converted into the model, it doesn't recognize that the string is already escaped and actually escapes the escape characters. The issue is reproduced in a GitHub repository here.

Model:

public class Model
{
    public int Id { get; set; }
    public string Html { get; set; }
}

Request body:

{
    "html": "<div class=\"test\"><\/div>"
}

Expected

Html == "<div class=\"test\"></div>"

Actual

Html == "<div class=\\\"test\\\"></div>"

Why is it doing this and how can I fix it?

Ian Kemp
  • 28,293
  • 19
  • 112
  • 138
JBoy
  • 11
  • 6
  • But it should be **deserializing** the JSON string it receives from the raw body, not serializing it. And it seems to be deserializing some of the string as the back slashes escaping the forward slashes in the closing tags are removed. – JBoy Jan 13 '21 at 19:00
  • Then I can't reproduce the problem in a fiddle, see https://dotnetfiddle.net/MZTgPK. Note that ASP .NET Core 3.1 uses a different serializer [tag:system.text.json] by default instead of [tag:json.net], but I can't reproduce the problem with either. Can you share a full [mcve]? – dbc Jan 13 '21 at 19:12
  • 1
    I will put together a repository for a reproducible example and share it here when I am done. Thanks! – JBoy Jan 13 '21 at 19:41
  • I should have mentioned that the endpoint where the issue is occurring is an OData endpoint using the Microsoft.AspNetCore.OData package. The issue seems to be with OData since I could not reproduce it when using a standard REST endpoint. I will edit the question and include a link to the repository where the issue is reproduced. – JBoy Jan 13 '21 at 20:51

0 Answers0