Localization and Potentially Dangerous Request.Form Values
- From: "djmc" <allnightcoder@xxxxxxxxx>
- Date: Wed, 18 Apr 2007 09:53:40 -0700
Using the asp.net button control (and I assume others), I place the phrase
"Don't Save" in the .Text field. The button displays without any problems,
but upon postback, the server responds with "A potentially dangerous
Request.Form value was detected". I've determined this problem is due to
the single quote in the string.
My main problem occurs when trying to localize our application. In many
foreign languages, the apostrophe is used quite frequently, and it is a
difficult requirement to ask our translators to find phrases without single
quotes. The translator does not know if the key/value of the resource is
destined for static localized text on a page, or if it will be used on a
button or control that will be validated upon postback.
How does one deal with balancing security and localization?
.
- Prev by Date: Question on Best Practices for ASP.Net forms
- Next by Date: Re: DataItem in last row of Repeater data not being formatted
- Previous by thread: Question on Best Practices for ASP.Net forms
- Next by thread: Re: Different Tooltip for each Item in dropdownlist using ASP.NEt with
- Index(es):
