Sign In| Join
Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Apr 19, 2012 02:02 PM by Mikesdotnetting
Member
24 Points
37 Posts
Apr 19, 2012 12:56 PM|LINK
Yea not ideal, I've managed to get round it by turning the validation off
great editor though so thanks for pointing me towards that
All-Star
154905 Points
19866 Posts
Moderator
MVP
Apr 19, 2012 02:02 PM|LINK
craig_inb Keep in mind that this data could contain dangerous code such as SQL Injection
The Request Validation feature in ASP.NET does not protect against SQL Injection. It is there to protect against potential XSS attacks (http://weblogs.asp.net/jgalloway/archive/2011/04/28/preventing-javascript-encoding-xss-attacks-in-asp-net-mvc.aspx). You use input validation and parameters for dynamic values in database commands to protect against SQL injection.
tonyjoanes
Member
24 Points
37 Posts
Re: paste news article from word and save in db
Apr 19, 2012 12:56 PM|LINK
Yea not ideal, I've managed to get round it by turning the validation off
great editor though so thanks for pointing me towards that
Mikesdotnett...
All-Star
154905 Points
19866 Posts
Moderator
MVP
Re: paste news article from word and save in db
Apr 19, 2012 02:02 PM|LINK
The Request Validation feature in ASP.NET does not protect against SQL Injection. It is there to protect against potential XSS attacks (http://weblogs.asp.net/jgalloway/archive/2011/04/28/preventing-javascript-encoding-xss-attacks-in-asp-net-mvc.aspx). You use input validation and parameters for dynamic values in database commands to protect against SQL injection.
Beginning ASP.NET Web Pages with WebMatrix | My Site | Twitter