Request.ValidateInput... Code bug or documentation bug?
From: Fumiaki Yoshimatsu (fumiakiy_at_infoteria.co.jp)
Date: 04/29/03
- Next message: Victor Garcia Aprea [MVP]: "Re: Request.ValidateInput... Code bug or documentation bug?"
- Previous message: Mike Moore [MSFT]: "RE: UNC file share and NTLM user identity"
- Next in thread: Victor Garcia Aprea [MVP]: "Re: Request.ValidateInput... Code bug or documentation bug?"
- Reply: Victor Garcia Aprea [MVP]: "Re: Request.ValidateInput... Code bug or documentation bug?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Apr 2003 10:27:54 +0900
This is the 1.1 ASP.NET issue.
On the document[1], it is said that HttpRequest.ValidateInput
"be called by your code if the validation feature is not enabled".
It seems to be wrong. Check out the aspx below:
<%@Page Language="C#" ValidateRequest="false"%>
<html><body><form runat="server">
<asp:TextBox id="text1" runat="server"/>
<asp:Button id="button1" runat="server"/>
</form>
<script runat="server">
void Page_Load(object s, EventArgs e) {
if (IsPostBack) {
Request.ValidateInput();
}
}
</script></body></html>
This doesn't raise exception even if you enter script code in the textbox.
Is this a bug?
Thanks,
Fumiaki Yoshimatsu
- Next message: Victor Garcia Aprea [MVP]: "Re: Request.ValidateInput... Code bug or documentation bug?"
- Previous message: Mike Moore [MSFT]: "RE: UNC file share and NTLM user identity"
- Next in thread: Victor Garcia Aprea [MVP]: "Re: Request.ValidateInput... Code bug or documentation bug?"
- Reply: Victor Garcia Aprea [MVP]: "Re: Request.ValidateInput... Code bug or documentation bug?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
