¿Cómo usar Server.HtmlEncode con cuadro de texto en ASP.NET?

When i am entering a value like "" in textbox then its throwing following error. enter image description here

Someone told me to use Server.HTMLencode/Server.HTMLdcode. but i dont know how to use it with textbox. Please help me.

preguntado el 28 de agosto de 12 a las 13:08

Why do you want to support html in your textbox? Do you want to use it as a RichText Editor? -

no actually our Project Manager has showed me a checklist in which this type of text also included so i am just working on that..... -

3 Respuestas

you must pass special caracter in your textbox for example < or > ...

you can adjust ValidateRequest to false in order to authorize, you adjust on your page

<%@ Page validateRequest="false" %> 

link: http://www.asp.net/whitepapers/request-validation

Respondido 28 ago 12, 13:08

If you want to allow these values, add ValidateRequest="false" En el correo electrónico “Su Cuenta de Usuario en su Nuevo Sistema XNUMXCX”. <%@ page declaración

Be aware that this does leave you more vulnerable to potential XSS attacks, etc.

Respondido 28 ago 12, 13:08

If you use .NET 4.5 you can set the requestValidationMode to 4.5:

<httpRuntime requestValidationMode="4.5" />

And then access the unvalidated querystring of form field data with:

Request.Unvalidated.Form["name"];

Then you can html decode the string to prevent XSS, I recommend to use the AntiXSS library for this (it's baked in ASP.NET 4.5).

Respondido 28 ago 12, 14:08

No es la respuesta que estás buscando? Examinar otras preguntas etiquetadas or haz tu propia pregunta.