473,395 Members | 2,006 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > checking for html tags in a text box.

Join Bytes to post your question to a community of 473,395 software developers and data experts.

Checking for html tags in a text box.

Im using a cutom control to try to validate a text box to ensure that on the client side a validation expression is present to prevent the user from posting back html in their text box. I was only partially successful with some of the regular expressions i came up with. There are a few contraints. There can be no roundtrip to the server. The server process halts reports possible dangerous Html. Ive thought about using javascript to combat the problem
Any suggestions???
Nov 18 '05 #1
4 1624
v1.1 handles this automatically by default. You can turn it off by setting
the RequestValidate page directive to False

"Rakesh" <ra***********@hotmail.com> wrote in message
news:0A**********************************@microsof t.com...
Im using a cutom control to try to validate a text box to ensure that on the client side a validation expression is present to prevent the user from
posting back html in their text box. I was only partially successful with
some of the regular expressions i came up with. There are a few contraints.
There can be no roundtrip to the server. The server process halts reports
possible dangerous Html. Ive thought about using javascript to combat the
problem. Any suggestions???

Nov 18 '05 #2
Here's some JavaScript that I use to remove HTML tags:

var vRx = new RegExp("<(.|\n)+?>", "ig");
if (vRx.test("[your text]"))
// found means its an error
else
// its OK

Embed this into a custom validator's client-side function.

--- Peter Blum
www.PeterBlum.com
Email: PL****@PeterBlum.com
Creator of "Professional Validation And More" at
http://www.peterblum.com/vam/home.aspx

"Rakesh" <ra***********@hotmail.com> wrote in message
news:0A**********************************@microsof t.com...
Im using a cutom control to try to validate a text box to ensure that on the client side a validation expression is present to prevent the user from
posting back html in their text box. I was only partially successful with
some of the regular expressions i came up with. There are a few contraints.
There can be no roundtrip to the server. The server process halts reports
possible dangerous Html. Ive thought about using javascript to combat the
problem. Any suggestions???

Nov 18 '05 #3
Check out this faq,
http://www.extremeexperts.com/Net/FA...ptAttacks.aspx

--
Saravana
Microsoft MVP - ASP.NET
www.extremeexperts.com

"Rakesh" <ra***********@hotmail.com> wrote in message
news:0A**********************************@microsof t.com...
Im using a cutom control to try to validate a text box to ensure that on the client side a validation expression is present to prevent the user from
posting back html in their text box. I was only partially successful with
some of the regular expressions i came up with. There are a few contraints.
There can be no roundtrip to the server. The server process halts reports
possible dangerous Html. Ive thought about using javascript to combat the
problem. Any suggestions???

Nov 18 '05 #4
Yes, you definitely want to do this check on the server, not the client.
There are quite a few tools which will bypass all client validation.

Eric Lawrence
Program Manager
Assistance and Worldwide Services

This posting is provided "AS IS" with no warranties, and confers no rights.
"Saravana [MVP]" <sa******@sct.co.in.nospam> wrote in message
news:OZ*************@TK2MSFTNGP12.phx.gbl...
Check out this faq,
http://www.extremeexperts.com/Net/FA...ptAttacks.aspx

--
Saravana
Microsoft MVP - ASP.NET
www.extremeexperts.com

"Rakesh" <ra***********@hotmail.com> wrote in message
news:0A**********************************@microsof t.com...
Im using a cutom control to try to validate a text box to ensure that on the client side a validation expression is present to prevent the user

from posting back html in their text box. I was only partially successful with
some of the regular expressions i came up with. There are a few contraints. There can be no roundtrip to the server. The server process halts reports
possible dangerous Html. Ive thought about using javascript to combat the
problem.
Any suggestions???


Nov 18 '05 #5
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

12
Checking a form input tag type works only for type text... not others...why?
by: Randell D. | last post by:
Folks, I have a form called "ourTestForm". Its a test form - nothing special - it contains five input tags - they are named one, two, three, four and five. The input tags are of type...
Javascript
18
Why does my browser not interpret the escaped HTML tags?
by: Robert Bowen | last post by:
Hello peeplez. I have an odd problem. When I put the ANSI symbol for "less than" ("<"), the word STRONG and then the ANSI symbol for "greater than" (">") in my web page, followed by some text, then...
HTML / CSS
0
save text file (stream) as html
by: a | last post by:
Save text file as html kloepper 17:42 23 Jul '04 I'm using httpwebresponse and a StringBuilder to return a stream that originates as a file with the .txt suffix (My download code converts the html...
C# / C Sharp
5
where to place the javascript in html page
by: acord | last post by:
Hi, I m getting annoying display problem when placing javascript tags in a html page. Should the javasscript tags placed at the beginning of a html page before anything start? or placed between...
Javascript
3
Navigating text string that contains HTML of a page as DOM object?
by: Alex | last post by:
Hello. First, with AJAX I will get a remote web page into a string. Thus, a string will contain HTML tags and such. I will need to extract text from one <span> for which I know the ID the inner...
Javascript
13
Taking data from a text file to parse html page
by: DH | last post by:
Hi, I'm trying to strip the html and other useless junk from a html page.. Id like to create something like an automated text editor, where it takes the keywords from a txt file and removes them...
Python
7
A FireFox problem: with pre and ex
by: Xah Lee | last post by:
Summary: when encountering ex as a unit in css, FireFox (and iCab) did not take into account the font-family. Detail: http://xahlee.org/js/ff_pre_ex.html Xah xah@xahlee.org ∑...
HTML / CSS
1
Resizable, sortable, findable and scrollable HTML table
by: since | last post by:
I figured I would post my solution to the following. Resizable column tables. Search and replace values in a table. (IE only) Scrollable tables. Sortable tables. It is based on a lot...
Javascript
17
How can a php ng ban HTML tags posts?
by: V S Rawat | last post by:
I joined this ng and tried to post my first message that had a small php code (HTML and all). my newsserver aioe.net rejected the post saying "HTML Tags". My message was in text format, not in...
PHP
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!