Last post Nov 03, 2009 07:40 AM by assafg
Nov 01, 2009 08:14 AM|assafg|LINK
I'm building my very first mvc project I'm having this problem
i have a text area for users to write same text ,
more or less in a twiter style site
how ever in this text area if the user write same html tags (like <p> , br/> and so on I'm getting this Error :
I would like to have same valuator that just ignore any html tags that where written by user
How do I approach this ?
Nov 01, 2009 08:22 AM|assafg|LINK
Sorry I don’t know why the error was not include in the original massage
Here it is
Nov 01, 2009 08:41 AM|shawpnendu|LINK
Add the tag in your page directive : ValidateRequest="false" will resolve your problem.
Nov 01, 2009 09:01 AM|assafg|LINK
<% Html.BeginForm( ); %>
<label id="statusLabel" for="status">Write your vort</label>
<textarea id="userTextBox" name="status" cols="80" rows="2" ></textarea><br />
<button type="submit" >Update</button>
<% Html.EndForm(); %>
Non of the above tags except this
This is the code I'm using
Nov 01, 2009 12:07 PM|gerrylowry|LINK
You need to do or at least read this tutorial:
VB or C#
ValidateRequest="false" is required
(a) if you want to Html.Encode, and/or
(b) if you want to allow "<"
ASP.NET in general, by default, protects against black hat hackers and
script kiddies entering malicious code into your textboxes.
By forcing developers to use ValidateRequest="false" Microsoft is protecting people against
the wicked people "out there". Microsoft is also likely protecting Microsoft from
see also http://www.asp.net/learn/whitepapers/request-validation/
To disable request validation for your application, you must modify or create a Web.config file for your application and set the validateRequest attribute of the
<pages /> section to
To disable request validation on a page you must set the
Nov 02, 2009 12:22 AM|devilfeng|LINK
you can add attribute ValidataInput(false) at controller, and if need display this text area content on page, need Html.Encode()...
Nov 02, 2009 08:16 AM|assafg|LINK
Thanks every one,
It look like that what I need is a Validate that pop up a message that say "
Illegal character "
And display the character them self , how do I do that?
Nov 02, 2009 03:35 PM|gerrylowry|LINK
You do not need a popup ... standard ASP.NET MVC validation is better imo ... here are the tutorial links:
Nov 03, 2009 07:40 AM|assafg|LINK
thanks a lot Gerry ,
this is what i needed