I am having several problems with the ajax htmleditorextender. First of all, if I set enablesanitization to true all my data is gone when I go to write out the data I loaded into the textbox. Secondly, if I turn off enablesanitization, the program turns
all my html code into ascii code so that when I read the saved code back into my textbox, it shows native html code rather than the interpreted code. Lastly, if I read in an html file that contains POSITION: absolute in the style section it places the code
into its absolute position outside the textbox.
I would appreciate any replies to these questions. I am especially curious as to why all my data is gone when I go to write out my output from the textbox when enablesanitization is true.
Thanks for your reply. I am reviewing my code again. In debug mode I can see that my editor control has data in it but it does display anything in the text box. I do have some odd markups in my file such as <!wsdate>. Can this cause the editor's sanitization
not to display its text?
I verified that if I remove any strange markup such as <!wsdate> the editor will not display any text it contains. Also, if the text contains a style parmeter of POSITION: absolute, it displays the text outside the box wherever the style position is specified.
To me that is a bug.
I wish to correct my previous statement. If there is a strange markup such as <!wsdate> in my input to the editor control, then when writing out the data from the editor control, all of the data included between markups is omitted which means when I read
the saved file back into the editor, nothing shows up. However, if I remove the strange markup <!wsdate>, data is not stripped from the file and the file looks normal when reading it back into the editor control. If I set enable sanitization to false then
I have no problems at all. So it appears to me that the sanitization routine is too rigorous and I find that I cannot use the editor under those conditions. If I am not writing data to a database I feel that the sanitization routine is not necessary since
I have my own edit routine to catch sql injection codes such as varchar, +declare, etc.
Minonk
Member
11 Points
15 Posts
htmleditorextender strips all data
Jan 20, 2013 04:04 PM|LINK
I am having several problems with the ajax htmleditorextender. First of all, if I set enablesanitization to true all my data is gone when I go to write out the data I loaded into the textbox. Secondly, if I turn off enablesanitization, the program turns all my html code into ascii code so that when I read the saved code back into my textbox, it shows native html code rather than the interpreted code. Lastly, if I read in an html file that contains POSITION: absolute in the style section it places the code into its absolute position outside the textbox.
I would appreciate any replies to these questions. I am especially curious as to why all my data is gone when I go to write out my output from the textbox when enablesanitization is true.
chetan.sarod...
All-Star
65619 Points
11118 Posts
Re: htmleditorextender strips all data
Jan 21, 2013 02:56 AM|LINK
Refer this
http://www.asp.net/ajaxLibrary/AjaxControlToolkitSampleSite/HTMLEditorExtender/HTMLEditorExtender.aspx
http://forums.asp.net/t/1824233.aspx/1
http://forums.asp.net/t/1826086.aspx/1
Senior Software Engineer,
Approva Systems Pvt Ltd, Pune, India.
Yanping Wang...
Star
14859 Points
1525 Posts
Microsoft
Re: htmleditorextender strips all data
Jan 22, 2013 04:20 AM|LINK
Hi minonk,
Could you share us your realted markup to demonstrate the issue your descripted. thanks.
Feedback to us
Develop and promote your apps in Windows Store
Minonk
Member
11 Points
15 Posts
Re: htmleditorextender strips all data
Jan 22, 2013 03:25 PM|LINK
Thanks for your reply. I am reviewing my code again. In debug mode I can see that my editor control has data in it but it does display anything in the text box. I do have some odd markups in my file such as <!wsdate>. Can this cause the editor's sanitization not to display its text?
Minonk
Member
11 Points
15 Posts
Re: htmleditorextender strips all data
Jan 22, 2013 03:40 PM|LINK
I verified that if I remove any strange markup such as <!wsdate> the editor will not display any text it contains. Also, if the text contains a style parmeter of POSITION: absolute, it displays the text outside the box wherever the style position is specified. To me that is a bug.
Minonk
Member
11 Points
15 Posts
Re: htmleditorextender strips all data
Jan 22, 2013 04:35 PM|LINK
I wish to correct my previous statement. If there is a strange markup such as <!wsdate> in my input to the editor control, then when writing out the data from the editor control, all of the data included between markups is omitted which means when I read the saved file back into the editor, nothing shows up. However, if I remove the strange markup <!wsdate>, data is not stripped from the file and the file looks normal when reading it back into the editor control. If I set enable sanitization to false then I have no problems at all. So it appears to me that the sanitization routine is too rigorous and I find that I cannot use the editor under those conditions. If I am not writing data to a database I feel that the sanitization routine is not necessary since I have my own edit routine to catch sql injection codes such as varchar, +declare, etc.