ValidateRequest ="false" for single control

15.7k Views Asked by ajbeaven At 20 October 2024 at 00:31

I'm wanting to allow users to enter HTML in only a single TextBox. I understand it's possible to change ValidateRequest in the page directive to false in order to remove protection.

I'm guessing that this allows HTML to be entered in any TextBox on the page. Is there anyway to apply ValidateRequest="false" on only a single control?

Thanks for any help.

Original Q&A

There are 3 best solutions below

Guffa On 18 March 2010 at 01:10 BEST ANSWER

No, the request validation is for the entire request or nothing.

The validation was added as a default to protect developers who are clueless about input validation. If you know that all input has to be treated as unsafe and know how to properly encode data that you use from the input to protect yourself from things like SQL injection and cross site scripting, you can turn the validation off.

Edit:

Update: In .NET 4.5 the ValidateRequestMode property was added, which allows excluding controls from the page global validation.

Max Toro On 18 March 2010 at 01:28

Try turning ValidateRequest off and use this method for removing markup from each individual control/parameter:

public static string RemoveMarkUp(this string s) {
   return Regex.Replace(s, @"<[a-zA-Z\/][^>]*>", string.Empty);
}

Patrick J Collins On 01 November 2012 at 16:28

New in .NET 4.5 : You can set ValidateRequestMode="Disabled" on a control. See MSDN.

ValidateRequest ="false" for single control

There are 3 best solutions below

Edit:

Related Questions in ASP.NET

Related Questions in VALIDATE-REQUEST

Trending Questions

Popular # Hahtags

Popular Questions