Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 338
  • Last Modified:

How to save the HTML formatted Text with Page Validation.

Hi,
I am trying to save the HTML formatted Text entered in the Text Box into Data Base through stored procedure.Ex:<b>,<br/><i> Tags
I am getting the potentially dangerous request error.
I am doing the page validation. I can't go without page validation.
How to save the HTML formatted Text to DataBase with Page Validation.

Thanks
0
KavyaVS
Asked:
KavyaVS
2 Solutions
 
s_chilkuryCommented:
This is referred as Request Validation - http://msdn.microsoft.com/library/hh882339(v=vs.100).aspx

When you are sure that you will use HTML-encode everywhere then pass strings to HTML and then set Page's validateRequest="false"

AND

If you are on .net 4.0 make sure you add this in your web.config
Inside the <system.web> tags

<httpRuntime requestValidationMode="2.0" />

Check this out:
http://forums.asp.net/t/1634650.aspx?Potentially+Dangerous+Request+Form+Error
0
 
Hiran DesaiSolution ArchitectCommented:
The above solution provided by @s_chilkury will work fine...but not recommended..

The reason is you are opening a security breach.

Instead of that what you can do is Use some sort of JavaScript that will encode your HTML at client side and send it to the server. Save the same in DB with SP which won't cause any problem and when ever you are getting it back from DB you can Decode it.

while taking such decision make sure to keep in mind
as You also need to check it at Server side...


IF you are ok with that, then Above solution provided by @s_chilkury will work fine
0
 
KavyaVSAuthor Commented:
Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now