Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

ASP.NET code injection into web/html control causes W3C markup validation failure

Posted on 2007-04-10
2
Medium Priority
?
698 Views
Last Modified: 2013-11-19
Hello,

First off, my goal is to have my ASP.NET 2.0 web application to pass the W3C markup validation test using this DOCTYPE:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

I have encountered the following problem, and its killing me. When I add a button control (either <ASP:BUTTON... /> or <input button... runat=server... /> ), and add client-side javascript in the code-behind to the client-onclick event handler-- asp.net injects code that causes the page to fail the W3C markup validation test.

The actual button control currently looks like this:
<input type="button" ID="button_delete" onserverclick="fnDelete" Value="Delete Contact" Runat="server" />

My code that adds client side script (in code behind) to the button looks something like this:
button_delete.Attributes.Add("onclick", "fnDeleteItClientSide());");

When the page is run-- the button control ends up looking like this:
<input language="javascript" onclick="fnDeleteIt(); __doPostBack('cntrlContact$button_delete','')" name="cntrlContact$button_delete" type="button" id="cntrlContact_button_delete" value="Delete Contact" />

This is being injected in my button: language="javascript" .... and this code injection is causing my page to fail the W3C validation test. HOW DO I GET RID OF THIS language="javascript"-- HELP!

Thanks!
0
Comment
Question by:NeonSnake
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 15

Accepted Solution

by:
igor_alpha earned 2000 total points
ID: 18886049
Hi NeonSnake,
You can rid injection by using button server control. Furthemore, button server control in your case have more sense.
Just change "input type button" with "asp:button":
<asp:Button ID="button_delete" runat="server" Text="Delete Contact" UseSubmitBehavior="false" />
Leave codebehind unchanged and you see that language="javascript" string now disappear...
0
 

Author Comment

by:NeonSnake
ID: 18890625
Thanks-- this works.

Funny-- I thought I tried that already, guess not.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface This is the third article about the EE Collaborative Login Project. A Better Website Login System (http://www.experts-exchange.com/A_2902.html) introduces the Login System and shows how to implement a login page. The EE Collaborative Logi…
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
Viewers will learn about the regular for loop in Java and how to use it. Definition: Break the for loop down into 3 parts: Syntax when using for loops: Example using a for loop:
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question