i have 2 aspx files
1) 1.aspx - collects info from the user, stores into the DB.
2) 2.aspx - collects info from the DB and displays back to the user
in 2.aspx, i am encoding(htmlencode,urlencode.....) and displaying the info. so srcipt is displayed as text but not executed. -- expected result.
in 1.aspx, i am collecting info from textboxes and store in DB,i am getting below exception when clicked on save button.
"A potentially dangerous Request.Form value was detected from the client ...".
how do i fix it?
guys please dont tell me to turn off validaterequest.i want that to be turned ON, for security reasons.
also i want to validate the input before storing into the DB.so that my DB holds verified and trusted data(not malicious).
any help would be highly appreciated.
View Complete Post