Re: Displaying User-Supplied String
- From: "Mark Rae [MVP]" <mark@xxxxxxxxxxxxxxxxx>
- Date: Thu, 4 Oct 2007 00:31:42 +0100
"Jonathan Wood" <jwood@xxxxxxxxxxxxxxxx> wrote in message news:OQP8jRhBIHA.4496@xxxxxxxxxxxxxxxxxxxxxxx
Right. I tested it by surrounding my input with <b> and </b>. To my surprise, it causes an unhandled exception: A potentially dangerous Request.Form value was detected from the client (ctl00$ContentPlaceHolder1$description="<b>Property1</b>").
Yes, that is ASP.NET's standard response to this sort of thing... By default, it considers posting of HTML as *potentially* dangerous, as Jesse correctly explained...
You have several options here, depending on what you're trying to do...
Can you explain a bit more about what is and, more importantly, what is not valid data in this case...
--
Mark Rae
ASP.NET MVP
http://www.markrae.net
.
- Follow-Ups:
- Re: Displaying User-Supplied String
- From: Jonathan Wood
- Re: Displaying User-Supplied String
- References:
- Re: Displaying User-Supplied String
- From: Mark Rae [MVP]
- Re: Displaying User-Supplied String
- From: Jesse Houwing
- Re: Displaying User-Supplied String
- From: Jonathan Wood
- Re: Displaying User-Supplied String
- Prev by Date: Re: Displaying User-Supplied String
- Next by Date: Re: Exteding the AdRotator Control and Advert.xml file to track advert stats
- Previous by thread: Re: Displaying User-Supplied String
- Next by thread: Re: Displaying User-Supplied String
- Index(es):
Relevant Pages
|
