Can the max length on an asp.net text box control be changed before the page is submitted for postback?
Posted on 2016-09-03
I have an Asp.net web form with several text box controls on it. Each text box control has a limit on the number of characters
that can be entered into each text box. Below is an example where the size is limited to 10 characters of input.
Is it possible for a hacker to change the value for the max length of the text box control? It seems to me that somehow if the hacker
were able to do a view source, and then change the field size by manually changing the html page. That he could do that and then submit the web form.
<asp:TextBox ID="TextBox1" runat="server" MaxLength="10"></asp:TextBox>