Learning Curve…

Request Validation…

Posted on: May 23, 2011

 By design, an ASP.NET page throws an exception whenever one of the controls on a page contains content that looks like HTML tags. For example when you enter

<h1>Hello World</h1> or <script type=”text/javascript”>alert(‘Hello World’);</script>

as  the contents for the comments text box in the your form.The ASP.NET runtime does this to prevent users from entering HTML or JavaScript that can potentially mess with the design or workings of your web site. If you’re sure you want to allow your users to enter HTML, you can disable request validation by setting the  ValidateRequest attribute in the

@ Page directive to False:

<%@ Page …. Inherits=”Contact” Title=”Contact Us” ValidateRequest=”False” %>

With this setting set to False, users can enter HTML without causing an error. Just make sure you really want to allow users to enter HTML when you set  ValidateRequest to False.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Author

Learning days (Calendar)

May 2011
M T W T F S S
« Mar   Jul »
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

Knowledge Bank (Archives)

I am on Twitter

Blog Stats

  • 507,854 hits

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 43 other followers

%d bloggers like this: