C
clintmazur
I am building a site in which I would like to keep validateRequest turned on,
but I would like to either override it or scrub my inputstream. If the input
has potential for XSS, I don't want to throw an error, I want to clean the
data.
I have tried using the httprequest.filter in my global.asax, but was not
successful. I would like all of my input to be scrubbed with an
HttpUtility.HtmlEncode by default and still have the fall back of
validateRequest just in case I miss something.
Any suggestions (besides turning it off)? I'm using .net 2.0 framework if
that helps at all. Thanks.
but I would like to either override it or scrub my inputstream. If the input
has potential for XSS, I don't want to throw an error, I want to clean the
data.
I have tried using the httprequest.filter in my global.asax, but was not
successful. I would like all of my input to be scrubbed with an
HttpUtility.HtmlEncode by default and still have the fall back of
validateRequest just in case I miss something.
Any suggestions (besides turning it off)? I'm using .net 2.0 framework if
that helps at all. Thanks.