Request Validation

Discussion in 'ASP .Net' started by John Comber, Nov 3, 2003.

  1. John Comber

    John Comber Guest

    Hi,

    I've a simple web form (webform1.aspx) with a text box &
    button. The click event of the button appends the value
    of the text box to the URL and redirects to
    webform2.aspx. This then gets the value of the text box
    from the query string.

    I'd like to keep validateRequest=true to prevent malicious
    input. If the user does enter some invalid text, is there
    a way of catching the HttpRequestValidationException
    before it bombs out to the browser? I would then like to
    inform the user that their input is invalid.

    Alternatively, if I set validateRequest=false, is there a
    method to call (like
    System.Web.HttpRequest.ValidateString) that will do this
    so that I can catch any exceptions that are thrown?

    Thanks in advance,

    Regards
    John.
     
    John Comber, Nov 3, 2003
    #1
    1. Advertising

  2. John Comber

    MSFT Guest

    Hi John,

    You try the Application_Error method in global.asax. Anyway, I think a
    Validator control may be better in this situation. You can choose valid
    user input on client side, so that we don't need to return to server; or
    you can use Custome Validator to perform the validate on server side and
    display proper message to customer. For more information for ASP.NET
    validator control, you may refer to:

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/
    frlrfsystemwebuiwebcontrolsregularexpressionvalidatorclasstopic.asp

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/
    frlrfSystemWebUIWebControlsCustomValidatorClassTopic.asp

    Hope this help,

    Luke
    Microsoft Online Support

    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
     
    MSFT, Nov 4, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Colin Mackay
    Replies:
    0
    Views:
    2,695
    Colin Mackay
    Jun 25, 2003
  2. Libs
    Replies:
    0
    Views:
    1,504
  3. Brian Birtle
    Replies:
    2
    Views:
    2,056
    John Saunders
    Oct 16, 2003
  4. Colin Basterfield

    Web form validation vs object validation

    Colin Basterfield, Nov 28, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    429
    Tommy
    Nov 29, 2003
  5. Matt
    Replies:
    14
    Views:
    4,110
    Chad Z. Hower aka Kudzu
    Jan 30, 2004
Loading...

Share This Page