retaining html input in textbox...

using a textarea in a form to capture user text entry that includes html code... when storing the text, the greater-than and less-than symbols are being replaced with their & equivalent codes. i tried server.htmlencode and htmldecode and not fixing it.

any ideas?
LVL 1
loyaliserAsked:
Who is Participating?
 
AerosSagaCommented:
This is because the embeded html code could countain a malicious script to attempt to compromise your system.  ASP.NET recognizes this, the only way to leave the html intact is to disable validation for the whole page in the page directive.

Regards,

Aeros
0
 
AerosSagaCommented:
If you still want to turn off validation to retain the html see here for example:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpgenref/html/cpconpage.asp

Regards,

Aeros
0
 
gregoryyoungCommented:
here's a good article describing your options http://asp.net/faq/RequestValidation.aspx ...

this is exactly what you want to do ...

<%@ Page ValidateRequest="FALSE" language="C#" %>

<script runat="server">

void EnterBtn_Click(Object Src, EventArgs E) {
Message.Text = "Hi " + HttpUtility.HtmlEncode(Name.Text) + ", welcome to ASP.NET!";
}

</script>
<html>
<body>
<form runat=server>
Please enter your name: <asp:textbox id="Name" runat=server/>
<asp:button text="Enter" Onclick="EnterBtn_Click" runat=server/><br>
<asp:label id="Message" runat=server/>
</form>
</body>
</html>
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.