p2p.wrox.com Forums

p2p.wrox.com Forums (http://p2p.wrox.com/)
-   C# (http://p2p.wrox.com/c-22/)
-   -   HTML tag problem (http://p2p.wrox.com/c/67580-html-tag-problem.html)

Aker April 22nd, 2008 09:51 AM

HTML tag problem
 
Hi,

I'm new to C#. I have some basics. I have a problem. In one login form, if i put in username text box one html tag ('< br >') it show me one error : Sys.Webforms. PageRequestManag erServerErrorExc eption: An uknown error occurred while processing the request on the server. The status code returned from the server was: 500


You have any suggestion how to fix this?

Thank you

robzyc April 22nd, 2008 09:58 AM

HTTP Status 500 is an Internal Server Error, which normally denotes some problem with the application running on it in my (limited) experience.

The <br> tag is a HTML tag for a Line Break? Where are you using this tag in your login form? Can you paste the sample of that part of the code (not all of it please)..

Rob
http://robzyc.spaces.live.com

Aker April 22nd, 2008 10:23 AM

I don't need the html tag. The problem is that my application will crash if someone will put that tag into my username text box. I want to prevent that from happening. So, I need someway to test or remove the html tags from my text boxes. I heard something about Regular expressions .

I can paste here some code , but I don't know if will help you.




Thank you

robzyc April 22nd, 2008 10:28 AM

Ah OK, now I am with you.

I am unsure as to why that would make a difference, since the login should just be treated as a string, completly ignoring any HTML in there regardless.

There are a number of ways you can do this, removing characters, RegEx would prob be the best option, but sadly my RegEx knowledge is limited, maybe someone else here will be able to help more :)

Rob
http://robzyc.spaces.live.com

Aker April 22nd, 2008 10:36 AM

I hope I'll solve this problem. I'll try to do something with regular expressions, after I find something to read about that.

Anyway , thank you very much for your time

Thank you

Imar April 22nd, 2008 10:40 AM

I think you are running into a validation mechanism from ASP.NET, helping you to prevent cross-side script and other injection attacks.

The technique is called Request Validation and can be turned off. However, you are advised to do this only if you take other preventive actions. For more info see: http://www.asp.net/learn/whitepapers...st-validation/

Cheers,

Imar
---------------------------------------
Imar Spaanjaars
http://Imar.Spaanjaars.Com
Everyone is unique, except for me.
Author of Beginning ASP.NET 3.5 : in C# and VB, ASP.NET 2.0 Instant Results and Dreamweaver MX 2004
Want to be my colleague? Then check out this post.

Aker April 22nd, 2008 11:00 AM

Yes, it's working.

Thank you Imar, it was a great help

Thank you

Imar April 22nd, 2008 11:04 AM

Make sure you don't just disable this feature; make sure your system can also deal with invalid input and is not open to SQL Injection by checking / sanitizing the data.....


Imar


---------------------------------------
Imar Spaanjaars
http://Imar.Spaanjaars.Com
Everyone is unique, except for me.
Author of Beginning ASP.NET 3.5 : in C# and VB, ASP.NET 2.0 Instant Results and Dreamweaver MX 2004
Want to be my colleague? Then check out this post.


All times are GMT -4. The time now is 01:48 PM.

Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
2013 John Wiley & Sons, Inc.