{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 狗以群分 的问题《ValidateRequest =“false” for single control》','https://www.manongdao.com/q-283161.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm wanting to allow users to enter HTML in only a single TextBox. I understand it's possible to change ValidateRequest in the page directive to false in order to remove protection.
I'm guessing that this allows HTML to be entered in any TextBox on the page. Is there anyway to apply ValidateRequest="false" on only a single control?
Thanks for any help.
New in .NET 4.5 : You can set
ValidateRequestMode="Disabled"on a control. See MSDN.Try turning ValidateRequest off and use this method for removing markup from each individual control/parameter:
No, the request validation is for the entire request or nothing.
The validation was added as a default to protect developers who are clueless about input validation. If you know that all input has to be treated as unsafe and know how to properly encode data that you use from the input to protect yourself from things like SQL injection and cross site scripting, you can turn the validation off.
Edit:
Update: In .NET 4.5 the
ValidateRequestModeproperty was added, which allows excluding controls from the page global validation.