Click here to Skip to main content
15,042,397 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
i have html table with edit button in application, when user clicks on edit button
the content in td(table cells) will be edited in dynamically created html text boxes with save and cancel button when save button is clicked the data is updated using web method defined
in code behind,
but how to avoid entering malicious scripts like script tags and other
html content into this dynamically generated textboxes to avoid xss attacks.
Updated 23-Jan-15 19:20pm
I'm not getting it. Who cares what is written in the text box? Aren't you going to interpret the text as script? And if not, who cares if a malicious script is written there?

1 solution

chandubbbb 24-Jan-15 1:46am
though validation request is set to true in page attribute, because of html control, its not checking. in case of server controls i don t have any issues

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900