473,327 Members | 1,936 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,327 software developers and data experts.

DataGrid and Htmlencode

Welcome.
I have a common problem with the datagrid: when the data source contains
html tags (<script>document.location.href='www.badsite.com' </script> for
example) the page with the datagrid becomes unsafe. I have found two
possible solutions in the net:
- using template columns and HTMLEncode
- using ItemCreated event of the datagrid
Both method works but the grid grows drasticly. And when I have
dynamicly created SQL query, used with AutoGenerateColumns property the
above methods do not apply.

I think the better solution is extending the datagrid in such way, that
the ServerHTML encode will be called on every bound column (without touching
hyperlink , template, etc columns). The problem is that I have to little
experience in writting controls to manage that. I don't know which methods
should be ovverriden and how. I think, something like "CreateItem" or
"InitializeItem" - but I'm totally mixed.
Could you point me in the right direction? (absolutly don't want the
ready code, I just need some ideas)

Regards
Nov 17 '05 #1
0 3072

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: Nedu N | last post by:
Hi, I want to display the XML tags (for the the XML tags is the data that is stored in a table) on the datagrid using the datasets. But since the data itself is the XML tag it doesn't appera on...
2
by: SKG | last post by:
i have a datagrid which has to display values like <Main> and <SubMain> But then they appear to be blank. I found when these values are placed in datagrid cells <td></td> they do not show. how can...
1
by: M | last post by:
I would thought the DataGrid would HtmlEncode everything before displaying. It appears that it does not. Isn't that a security concern? Anyway to force the DataGrid to HtmlEncode? Thanks.
1
by: the friendly display name | last post by:
Simple question: How to make datagrid paging work without javascript? I have a simple datagrid, which gets populated by a dataview, it works perfectly, paging works too, but, as I said, it...
0
by: Erik | last post by:
Why isn't my update method getting called? Pasted below is an aspx from a 1.1 application I'm working on. It has two textboxes and a button for inserting data into the database, and a datagrid...
3
by: Greg Collins [Microsoft MVP] | last post by:
I have a SQL2005 XML column I load into a DataSet. I then bind to a DataGrid. If I set an asp:Literal text value to the DataSet.GetXml() when I first load it into the DataSet, it displays...
6
by: LamSoft | last post by:
I have a cell in the datagrid, which the original data is as following: Testing1 Testing2 Testing3 Testing4 There are 4 lines, while it displays on the browser, it shows as a line, and I...
5
by: =?Utf-8?B?SnVsaWEgQg==?= | last post by:
Hi all I've got a datagrid with column with the numeric format {0:F2}. However this format expression does not give the numbers comma separators, which I need. I can't use the currency format,...
0
by: webaccess | last post by:
Hi Friends ..!! I want to use datagrid/dataview control to data in tablular format,also I want to add paging and format the data of table column. Problem is data is coming from API Dom in as...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.