D DDK May 12, 2004 #1 How would I let users input HTML in a textbox, while securing it from script attacks with ASP.NET + C#? Thanks, d.
How would I let users input HTML in a textbox, while securing it from script attacks with ASP.NET + C#? Thanks, d.
W William F. Robertson, Jr. May 12, 2004 #2 One, placing a "<script" in a text box will bomb a typical installation of asp.net. You can wire to the onblur event for the text box and replace all "<(anychar)" with "< (anychar)" and then inspect for "<script" tag and remove them. bill
One, placing a "<script" in a text box will bomb a typical installation of asp.net. You can wire to the onblur event for the text box and replace all "<(anychar)" with "< (anychar)" and then inspect for "<script" tag and remove them. bill
