如何$ HTML的对$ pvent进入ASP.NET Web表单文本框 [英] How to prevent entry of HTML into ASP.NET Web form text box
问题描述
我在一个ASP.NET Web窗体几个文本框。我想确保用户的不可以进入HTML到这些文本框。不过,我不知道如何prevent HTML被输入。正因为如此,我决定,我想只允许字母数字字符,空格,感叹号,锋利的迹象,美元符号,百分号,脱字符号,星,左,右括号。我省略符号,因为我不想让他们进入像做<脚本&RT; ......
I have several text boxes in an ASP.NET Web Form. I want to ensure that users are not entering HTML into those text boxes. However, I'm not sure how to prevent HTML from being entered. Because of this, I decided that I want to only allow alphanumeric characters, spaces, exclamation point, sharp sign, dollar signs, percentage signs, carets, stars, and left and right parenthesis. I'm omitting the ampersand because I do not want them entering something like "<script&rt;..."
我如何做到这一点?我做了正确的方式?
How do I do this? Am I doing it the right way?
感谢您!
推荐答案
有一个看这里
http://msdn.microsoft.com/en-us/library/ff649310.aspx
您可以把毯子声明web配置ValidateRequest = true,将检查所有的用户输入,如果用户插入带有坏字符的东西抛出一个错误。
You can put a blanket statement in the web config ValidateRequest = true will check all user input and throw an error if a user inserts something with bad characters.
如果你需要允许某些HTML标记,那么你将需要推出自己的。
If you need to allow some html tags then you will need to roll your own.
这篇关于如何$ HTML的对$ pvent进入ASP.NET Web表单文本框的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
