How to avoid this?!
When i try to get values with tags ie:"<HTML>", "<Script>" from TextBox i get this error
A potentially dangerous Request.Form value was detected from the client (TextBox="<html></html>").
any idea about how to avoid this?!
yep, it's simple.
Up in the <%@Page... just add this -> validateRequest="false"
HOWEVER, you do need to realise why this setting restricts you in default.
Basically, if you allow someone to include there own html tags in a given text
eg: <b>Words</b>... there's nothing to stop them from doing this
If you wanted to then display it to the screen, you can encode and decode the text to make it display without doing any bad stuff.
Well i found that there's you must do something else, or if the users typed something like this:
it will be executed and wont be saved as text, to avoid this
I dont think the page will even get to the part where it can get the value of a textbox without the validateRequest="false"
sure wt i mean is that you must add this code not to execute the tags the user enter
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)