<div>
<div class="content wysiwyg-content">
I have an Asp.net web form with several text box controls on it. Each text box control has a limit on the number of characters<br />
that can be entered into each text box. Below is an example where the size is limited to 10 characters of input.<br />
Is it possible for a hacker to change the value for the max length of the text box control? It seems to me that somehow if the hacker<br />
were able to do a view source, and then change the field size by manually changing the html page. That he could do that and then submit the web form.<br />
<br />
<br />
<br />
&lt;asp:TextBox ID=&quot;TextBox1&quot; runat=&quot;server&quot; MaxLength=&quot;10&quot;&gt;&lt;/asp:TextB<wbr />ox&gt;
</div>
</div>


I have an Asp.net web form with several text box controls on it. Each text box control has a limit on the number of characters
that can be entered into each text box. Below is an example where the size is limited to 10 characters of input.
Is it possible for a hacker to change the value for the max length of the text box control? It seems to me that somehow if the hacker
were able to do a view source, and then change the field size by manually changing the html page. That he could do that and then submit the web form.



<asp:TextBox ID="TextBox1" runat="server" MaxLength="10"></asp:TextBox>

Can the max length on an asp.net text box control be changed before the page is submitted for postback?

The successor to Active Server Pages, ASP.NET websites utilize the .NET framework to produce dynamic, data and content-driven web applications and services. ASP.NET code can be written using any .NET supported language. As of 2009, ASP.NET can also apply the Model-View-Controller (MVC) pattern to web applications