Input and Data Validation






4.33/5 (3 votes)
Garbage in, garbage out. You can avoid data cleanup tasks on the backend by avoiding bad data coming in. ASP.NET validation controls and third party
Garbage in, garbage out. You can avoid data cleanup tasks on the backend by avoiding bad data coming in. ASP.NET validation controls and third party validation controls help you receive the right data in the right format. In addition, the AJAX Control Toolkit employs extenders that can prevent invalid data from being entered in the first place. For instance, the FilteredTextBoxExtender can prevent unwanted characters from being entered into the textbox. The MaskedEditExtender restricts the format of the input being entered.
Whitepapers
-
Request Validation - Preventing Script Attacks - "This paper describes the request validation feature of ASP.NET where, by default, the application is prevented from processing unencoded HTML content submitted to the server."
-
Dissecting The Validation Controls And Asp.net 2.0 - Good insight into what's going on in the inside by Scott Mitchell.
How To
- How To: Prevent Cross-Site Scripting in ASP.NET
- How To: Protect From Injection Attacks in ASP.NET
- How To: Protect From SQL Injection in ASP.NET
- How To: Use Regular Expressions to Constrain Input in ASP.NET
- QuickStart: Validating Form Input Controls
- ASP.NET Input Validation Controls - A good basic overview for folks coming from Classic ASP.
Controls
- All the Validation Controls in the ASP.NET Control Gallery (search) and category - Here's a prefilled search link to all the validation controls in our gallery. Professional Validation and More is a great set of 3rd Party Tools with 25 additional validators.
- Ajax Control Toolkit - MaskedEdit Control - MaskedEdit is an ASP.NET AJAX Extender that attaches to a TextBox control to restrict the kind of text that can be entered.
Resources
- Online Regex Tester
- JavaScript Regex Tester
- Validation Application Block - patterns & practices team
The Validation Application Block is a component of Enterprise Library which provides a common approach to defining validation rules for your business objects that allows them to be reused across different layers of your application.