Solved

Textbox containing < > needs to be cleared before submitting page

Posted on 2014-01-07
5
313 Views
Last Modified: 2014-02-18
Hello,

I have an asp.net project which creates some html in textboxes for my users to copy and paste into their html code.

These textboxes change values based on a dropdownlist_SelectedIndexChanged() postback.

This is causing my program to crash. I need to clear TextBox values before the form is submitted.

How should I handle this problem. Please give coding examples.
0
Comment
Question by:tatton777
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 12

Expert Comment

by:jitendra patil
ID: 39764375
can you please post your mark up & code behind here ? so that we  can help you in better way.
0
 
LVL 22

Expert Comment

by:Mrunal
ID: 39764418
For communication, you need to encode and decode your textbox value (which contains html code).

For storing these values in database also, better approach is first encode value and save in database.
While displaying same value, decode it and display on UI.

References:

Encode:
http://msdn.microsoft.com/en-us/library/w3te6wfz(v=vs.110).aspx

Decode:
http://msdn.microsoft.com/en-us/library/hwzhtkke(v=vs.110).aspx

Hope this helps you.
0
 
LVL 12

Expert Comment

by:jitendra patil
ID: 39767854
you can try a small hack.

before updating the value of textboxt based on dropdownlist selection, just clear the textbox first and then add the new value as per your choice.
like:
textbox.Text="";
textbox.Text= Dropdownlist1.selecteditem.text.tostring();

Hope this helps.
0
 
LVL 1

Author Comment

by:tatton777
ID: 39769054
Here's some example code.

<%@ Page Language="C#" %>

<!DOCTYPE html>

<script runat="server">

    protected void Button1_Click(object sender, EventArgs e)
    {        
        TextBox1.Text = "<a href='yahoo.com'></a>";
        Label1.Text = "After textbox populated, error thrown on button click";
    }
</script>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    
        <asp:TextBox ID="TextBox1" runat="server" Width="331px"></asp:TextBox>
        <br />
        <asp:Button ID="Button1" runat="server" Text="Button" OnClick="Button1_Click" />
    
        <br />
        <asp:Label ID="Label1" runat="server" Text="Click to populate textbox"></asp:Label>
    
    </div>
    </form>
</body>

Open in new window

0
 
LVL 12

Accepted Solution

by:
jitendra patil earned 500 total points
ID: 39770664
hi  use

<httpRuntime requestValidationMode="2.0" />

in your web.config (keeping any attributes you already have on that element, if it's already there). ASP.NET4.0 ignores ValidateRequest otherwise.

And, of course, do make sure that you take necessary measures to protect against genuinely dangerous requests, now that it's not being done for you.

A great way of doing this is to create your own class derived from RequestValidator, and using the 4.0 behaviour, but with that as the class that does the checking.

please read the solution from the below link
A potentially dangerous Request.Form value was detected from the client

hope this helps.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

IntroductionWhile developing web applications, a single page might contain many regions and each region might contain many number of controls with the capability to perform  postback. Many times you might need to perform some action on an ASP.NET po…
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question