I'm getting thousands of messages like this in my Application Event Log for IIS wp3.exe...all regarding the same web page.
Exception message: A potentially dangerous Request.Form value was detected from the client (TextBox1="...ifsbwjwf, <a href="http://cial
The textbox on that page is meant for a user to enter a City or ZIP code, thus only for characters, numbers, dashes, commas, and the occasional apostrophe
So here is my goal: I want to eliminate this error message popping up in my event log (I need to properly handle it), and I want to make sure that I'm also not just allowing my form to be wide open to malicious text box entries.
What is my best step? Thanks!