Prevent User from Entering HTML tags in Textbox/TextArea
In ASP.net this is integrated by default in the page directives:
<%@ Page Language="C#" ValidateRequest="true" AutoEventWireup="true" CodeFile="Default1.aspx.cs" Inherits="Default1" %>
If ValidateRequest is true, the code will trow exeption like:
potentially dangerous Request.Form value was detected from the client (TextBox1="<div>").
Use the following Javascript to prevent the User from Entering HTML Tags in the Textbox/TextArea:
function checkHTMLtags(sender, args) { var trgtId = document.getElementById("<%=txt1.ClientID%>"); var str=trgtId.value //convert to lowercase str=str.toLowerCase() //split the string by taking <br> as reference var strArray=str.split('<br>'); if (strArray.length > 0) { for(k=0;k<strArray.length;k++) { for(i=0;i<strArray[k].length;i++) { //check for the presence of < and if available check the following char //condition added to include > symbol as well if((strArray[k].charAt(i)=='<') || (strArray[k].charAt(i)=='>')) { var j=i+1; var str1=strArray[k].charAt(j); var myRegxp=/^[0-9]*$/ ; if(myRegxp.test(str1) == false) { //alert("No HTML Tags allowed in the textarea"); trgtId.focus(); args.IsValid = false; return; } } } } } args.IsValid = true; return; }
Refer This link for more Details:
http://msdn.microsoft.com/en-us/library/ff649310.aspx
Excellent..Thanks. I called this function in dataEvents in colModel. Works fine with me.
ReplyDelete- Ahamed M