ValidateInput(false) still trigger the validation in IValidatableObject

Question

I have a controller which I dont want to validate, when called upon.

My controller:

[Authorize(Roles = "Admin")]
[HttpPost]
[ValidateInput(false)]
public ActionResult Delete(MyLINQClass model)
{
    // Do something
}

My model:

[MetadataType(typeof(MyLINQClass MetaData))]
public partial class MyLINQClass : DefaultModel, IValidatableObject
{
    public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
    {
         // Do validation
    }
}

I do not want the validate to be triggered, and I thought adding [ValidateInput(false)] would help. But the Validate() is still triggered.

Im using ASP MVC 3 and .NET 4.

Answer 1

The [ValidateInput(false)] is not related to model validation. It disables ASP.NET validation for XSS characters in the request such as <, >, ... The validation is triggered by the default model binder when it tries to bind the MyViewModel parameters. If you don't want to perform validation, simply write another view model that the Delete action will take as parameter and which won't have any Validate method.