Solved

Textbox containing < > needs to be cleared before submitting page

Posted on 2014-01-07
5
307 Views
Last Modified: 2014-02-18
Hello,

I have an asp.net project which creates some html in textboxes for my users to copy and paste into their html code.

These textboxes change values based on a dropdownlist_SelectedIndexChanged() postback.

This is causing my program to crash. I need to clear TextBox values before the form is submitted.

How should I handle this problem. Please give coding examples.
0
Comment
Question by:tatton777
  • 3
5 Comments
 
LVL 12

Expert Comment

by:Jitendra Patil
Comment Utility
can you please post your mark up & code behind here ? so that we  can help you in better way.
0
 
LVL 22

Expert Comment

by:Mrunal
Comment Utility
For communication, you need to encode and decode your textbox value (which contains html code).

For storing these values in database also, better approach is first encode value and save in database.
While displaying same value, decode it and display on UI.

References:

Encode:
http://msdn.microsoft.com/en-us/library/w3te6wfz(v=vs.110).aspx

Decode:
http://msdn.microsoft.com/en-us/library/hwzhtkke(v=vs.110).aspx

Hope this helps you.
0
 
LVL 12

Expert Comment

by:Jitendra Patil
Comment Utility
you can try a small hack.

before updating the value of textboxt based on dropdownlist selection, just clear the textbox first and then add the new value as per your choice.
like:
textbox.Text="";
textbox.Text= Dropdownlist1.selecteditem.text.tostring();

Hope this helps.
0
 
LVL 1

Author Comment

by:tatton777
Comment Utility
Here's some example code.

<%@ Page Language="C#" %>

<!DOCTYPE html>

<script runat="server">

    protected void Button1_Click(object sender, EventArgs e)
    {        
        TextBox1.Text = "<a href='yahoo.com'></a>";
        Label1.Text = "After textbox populated, error thrown on button click";
    }
</script>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    
        <asp:TextBox ID="TextBox1" runat="server" Width="331px"></asp:TextBox>
        <br />
        <asp:Button ID="Button1" runat="server" Text="Button" OnClick="Button1_Click" />
    
        <br />
        <asp:Label ID="Label1" runat="server" Text="Click to populate textbox"></asp:Label>
    
    </div>
    </form>
</body>

Open in new window

0
 
LVL 12

Accepted Solution

by:
Jitendra Patil earned 500 total points
Comment Utility
hi  use

<httpRuntime requestValidationMode="2.0" />

in your web.config (keeping any attributes you already have on that element, if it's already there). ASP.NET4.0 ignores ValidateRequest otherwise.

And, of course, do make sure that you take necessary measures to protect against genuinely dangerous requests, now that it's not being done for you.

A great way of doing this is to create your own class derived from RequestValidator, and using the 4.0 behaviour, but with that as the class that does the checking.

please read the solution from the below link
A potentially dangerous Request.Form value was detected from the client

hope this helps.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Today is the age of broadband.  More and more people are going this route determined to experience the web and it’s multitude of services as quickly and painlessly as possible. Coupled with the move to broadband, people are experiencing the web via …
Entity Framework is a powerful tool to help you interact with the DataBase but still doesn't help much when we have a Stored Procedure that returns more than one resultset. The solution takes some of out-of-the-box thinking; read on!
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now