How to avoid this?!

[Cipher]

When i try to get values with tags ie:"<HTML>", "<Script>" from TextBox i get this error

A potentially dangerous Request.Form value was detected from the client (TextBox="<html></html>").

any idea about how to avoid this?!

[UnexplainedWays]

yep, it's simple.

Up in the <%@Page... just add this -> validateRequest="false"

HOWEVER, you do need to realise why this setting restricts you in default.

Basically, if you allow someone to include there own html tags in a given text

eg: <b>Words</b>... there's nothing to stop them from doing this

<b>Words</b><script>for(i=1;i<=1000;i++){window.open("www.mysite.com")}</script>

If you wanted to then display it to the screen, you can encode and decode the text to make it display without doing any bad stuff.

[Cipher]

Well i found that there's you must do something else, or if the users typed something like this:
<script language="javascript">alert('anything')</script>
it will be executed and wont be saved as text, to avoid this
Server.HtmlEncode(TextBox.Text)

[UnexplainedWays]

I dont think the page will even get to the part where it can get the value of a textbox without the validateRequest="false"

[Cipher]

sure wt i mean is that you must add this code not to execute the tags the user enter