I'm trying to stop .Net from validating data entered into a textbox. When I
enter < or > .Net returns an error:
potentially dangerous Request.Form value was detected from the client...
so a search on google indicates a couple of options:
1. Add validateRequest = "false" in the page directive. So I add it:
<%@ Page Language="vb" AutoEventWireup="false" Codebehind="addcode.aspx.vb"
Inherits="codelib.addcode" validateRequest="false"%>
but I get the error:
The 'validateRequest' attribute is not supported by the 'page' directive.
2. or add <pages validateRequest="false" /> in system.web of the web.config
file:
but when I do that I get the error:
Parser Error Message: Unrecognized attribute 'validateRequest'.
I guess I cannot use either of these with .Net 2002, which I have. Is there
any way around the first error caused by entering "malicious" code?