Joey Kelly wrote:
>I'm having trouble fining out how to do mangle string data. Is there a way to
>use regular expressions with aspx? Or am I barking up the wrong tree?
>
>
System.Text.RegularExpressions
>Oh, and are there classes that will help me clean user data, to protect
>against cross-site scripting, etc? I'm worried about security, naturally.
>
>
If you are doing form validation in ASP, you should look at the ASP
validators (asp:RequiredFieldValidator, asp:RegularExpressionValidator,
asp:RangeValidator, asp:CustomValidator).
HttpServerUtility.HtmlEncode will HTML encode your user input. (ie,
transform < into < > into >, etc) Also, by default, if someone
enters XML / HTML into an input field you get a security exception.
___________________
Nolug mailing list
nolug@nolug.org
Received on 04/01/05
This archive was generated by hypermail 2.2.0 : 12/19/08 EST