HtmlEncode DropDownList
-
Thursday, May 24, 2012 9:33 AM
I am getting below error "Cross-Site Scripting: Persistent (Input Validation and Representation, Data Flow)" by scanning my project using fortify tool
inside my project error showing in below line as
dropdownlist.DataSource = _listApplications;
here i need how can i Htmlencode the above datasource(_listApplications).
- Moved by Karel ZikmundMicrosoft Employee, Moderator Thursday, May 31, 2012 7:40 AM ASP.NET question? Use http://forums.asp.net (From:Building Development and Diagnostic Tools for .Net)
All Replies
-
Thursday, May 24, 2012 11:23 AM
I appears you are using a combobox is this true? When you have a combobox you will get a validation error is yo uattempt to place data that is not already in the combobox list. You need to turn off validation. to add an item you must first add the item to the combox and then select the value like this
cb1.add("new string")
cb1.value = "new string"
I'm not sure what HTML has to do with this error. I'm presently using a combobox in a Datagrid view and columns that don't require drop down boxes I switch to textt boxes because I couldn't get the combox box to work when the user manually typed datta into the box. From my softwae it wasn't an issue of adding new items.
jdweng
- Proposed As Answer by Mike FengMicrosoft Contingent Staff Friday, May 25, 2012 5:49 AM
- Marked As Answer by Ed Price - MSFTMicrosoft Employee, Owner Friday, June 01, 2012 11:11 PM
