Bind attribute lets you “fine-tune” the model-binding process of certain parameter Type, without registering a custom ModelBinder specific to the Type.
For example, assume your Action is expecting a Person parameter defined as follows:
public class Person
{
public Person(string firstName, string lastName, Gender gender)
{
this.FirstName = firstName;
this.LastName = lastName;
if (gender == Gender.Male)
this.FullName = "Mr. " + this.FirstName + " " + this.LastName;
else
this.FullName = "Mrs. " + this.FirstName + " " + this.LastName;
}
public string FirstName { get; set; }
public string LastName { get; set; }
public Gender Gender { get; set; }
// 'FullName' is a computed column:
public string FullName { get; set; }
}
And the Action:
public ActionResult Edit(Person person)
{
...
}
Now, if someone is posting the following JSON:
{
"FirstName":"John",
"LastName":"Smith",
"Gender":"Male",
"FullName":"Mrs. John Smith"
}
Your Action will now have a person with the wrong FullName (‘Mrs’ instead of ‘Mr’).
To avoid such behavior you can use the Bind attribute and explicitly exclude the FullName property from the binding process (‘Black-list’):
public ActionResult Edit([Bind(Exclude="FullName")] Person person)
{
...
}
Alternatively, you can use Include to ignore (‘Black-list’) all properties and only include (‘White-list’) the specified properties:
public ActionResult Edit([Bind(Include="FirstName,LastName,Gender")] Person person)
{
...
}
More info on MSDN.