Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How to save the HTML formatted Text with Page Validation.

Posted on 2014-01-07
3
Medium Priority
?
336 Views
Last Modified: 2014-01-22
Hi,
I am trying to save the HTML formatted Text entered in the Text Box into Data Base through stored procedure.Ex:<b>,<br/><i> Tags
I am getting the potentially dangerous request error.
I am doing the page validation. I can't go without page validation.
How to save the HTML formatted Text to DataBase with Page Validation.

Thanks
0
Comment
Question by:KavyaVS
3 Comments
 
LVL 9

Accepted Solution

by:
s_chilkury earned 1400 total points
ID: 39763460
This is referred as Request Validation - http://msdn.microsoft.com/library/hh882339(v=vs.100).aspx

When you are sure that you will use HTML-encode everywhere then pass strings to HTML and then set Page's validateRequest="false"

AND

If you are on .net 4.0 make sure you add this in your web.config
Inside the <system.web> tags

<httpRuntime requestValidationMode="2.0" />

Check this out:
http://forums.asp.net/t/1634650.aspx?Potentially+Dangerous+Request+Form+Error
0
 
LVL 4

Assisted Solution

by:Hiran Desai
Hiran Desai earned 600 total points
ID: 39764439
The above solution provided by @s_chilkury will work fine...but not recommended..

The reason is you are opening a security breach.

Instead of that what you can do is Use some sort of JavaScript that will encode your HTML at client side and send it to the server. Save the same in DB with SP which won't cause any problem and when ever you are getting it back from DB you can Decode it.

while taking such decision make sure to keep in mind
as You also need to check it at Server side...


IF you are ok with that, then Above solution provided by @s_chilkury will work fine
0
 

Author Closing Comment

by:KavyaVS
ID: 39800636
Thanks
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…
Suggested Courses
Course of the Month11 days, 13 hours left to enroll

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question