Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Textbox containing < > needs to be cleared before submitting page

Posted on 2014-01-07
5
Medium Priority
?
318 Views
Last Modified: 2014-02-18
Hello,

I have an asp.net project which creates some html in textboxes for my users to copy and paste into their html code.

These textboxes change values based on a dropdownlist_SelectedIndexChanged() postback.

This is causing my program to crash. I need to clear TextBox values before the form is submitted.

How should I handle this problem. Please give coding examples.
0
Comment
Question by:tatton777
  • 3
5 Comments
 
LVL 13

Expert Comment

by:Jitendra Patil
ID: 39764375
can you please post your mark up & code behind here ? so that we  can help you in better way.
0
 
LVL 22

Expert Comment

by:Mrunal
ID: 39764418
For communication, you need to encode and decode your textbox value (which contains html code).

For storing these values in database also, better approach is first encode value and save in database.
While displaying same value, decode it and display on UI.

References:

Encode:
http://msdn.microsoft.com/en-us/library/w3te6wfz(v=vs.110).aspx

Decode:
http://msdn.microsoft.com/en-us/library/hwzhtkke(v=vs.110).aspx

Hope this helps you.
0
 
LVL 13

Expert Comment

by:Jitendra Patil
ID: 39767854
you can try a small hack.

before updating the value of textboxt based on dropdownlist selection, just clear the textbox first and then add the new value as per your choice.
like:
textbox.Text="";
textbox.Text= Dropdownlist1.selecteditem.text.tostring();

Hope this helps.
0
 
LVL 1

Author Comment

by:tatton777
ID: 39769054
Here's some example code.

<%@ Page Language="C#" %>

<!DOCTYPE html>

<script runat="server">

    protected void Button1_Click(object sender, EventArgs e)
    {        
        TextBox1.Text = "<a href='yahoo.com'></a>";
        Label1.Text = "After textbox populated, error thrown on button click";
    }
</script>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    
        <asp:TextBox ID="TextBox1" runat="server" Width="331px"></asp:TextBox>
        <br />
        <asp:Button ID="Button1" runat="server" Text="Button" OnClick="Button1_Click" />
    
        <br />
        <asp:Label ID="Label1" runat="server" Text="Click to populate textbox"></asp:Label>
    
    </div>
    </form>
</body>

Open in new window

0
 
LVL 13

Accepted Solution

by:
Jitendra Patil earned 2000 total points
ID: 39770664
hi  use

<httpRuntime requestValidationMode="2.0" />

in your web.config (keeping any attributes you already have on that element, if it's already there). ASP.NET4.0 ignores ValidateRequest otherwise.

And, of course, do make sure that you take necessary measures to protect against genuinely dangerous requests, now that it's not being done for you.

A great way of doing this is to create your own class derived from RequestValidator, and using the 4.0 behaviour, but with that as the class that does the checking.

please read the solution from the below link
A potentially dangerous Request.Form value was detected from the client

hope this helps.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question