I have a drop down which I need to filter the contents of based on a CAML Query. This query must be set by the user.
What is the best approach for allowing a user to enter a CAML Query or other common markups?
Example:
<OrderBy><FieldRef Name='SomeColumn' Ascending='True' /></OrderBy>
If I use a textbox, validation needs to be disabled or I lose the contents of the query because .NET strips it of HTML-like tags to protect against XSS.
I don’t want to go through the process of building a query configurator, but I also appreciate that disabling validation is bad practice. Is there a middle ground here, or just a better way of going about this?
Would disabling validation and using System.Web.HttpUtility.HtmlEncode be a valid solution?
Thanks in Advance.
Use the escapeJavaScript method to alter the text before upload, then use Server.UrlDecode on the web server to return it back to its original state. As for when to do so, I would handle the onsubmit event and tell it to copy the textbox content into a hidden field which would be uploaded (but the textbox should not be submitted).
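Added example, not code from the question or the answer above: the client side of the hidden-field approach the answer describes, together with an allow-list check of the CAML fragment that a defender would want to run as well (here in JavaScript so it can be exercised stand-alone; the same check belongs on the server before the query is handed to SharePoint). The element ids camlText, camlEncoded and filterForm and the allow-list contents are assumptions for the example. The textbox value is percent-encoded with encodeURIComponent, which is what HttpUtility.UrlDecode / Server.UrlDecode reverses on the server.

```javascript
// Added example (not from the original question or answer).
// 1. validateCaml: accept only CAML elements/attributes this page expects.
// 2. encodeForHiddenField: percent-encode so no raw '<' reaches request validation.
// 3. prepareSubmit: onsubmit handler that copies the encoded query into a hidden
//    field and keeps the raw textbox out of the post.
// Element ids (camlText, camlEncoded, filterForm) and the allow-lists are
// assumptions constructed for this example.

// Allow-list: the subset of CAML this filter is prepared to accept. Extend as needed.
const ALLOWED_ELEMENTS = new Set(['OrderBy', 'FieldRef', 'Where', 'And', 'Or',
  'Eq', 'Neq', 'Gt', 'Lt', 'Geq', 'Leq', 'Contains', 'BeginsWith',
  'IsNull', 'IsNotNull', 'Value']);
const ALLOWED_ATTRIBUTES = new Set(['Name', 'Ascending', 'Type']);

// A well-formed tag: optional '/', a name, quoted attributes only, optional self-close.
const TAG_RE = /<\s*(\/?)\s*([A-Za-z]\w*)((?:\s+[A-Za-z]\w*\s*=\s*(?:'[^'<>]*'|"[^"<>]*"))*)\s*(\/?)\s*>/g;
const ATTR_RE = /([A-Za-z]\w*)\s*=\s*(?:'([^'<>]*)'|"([^"<>]*)")/g;

// Returns a list of problems; an empty list means the fragment is acceptable.
function validateCaml(fragment) {
  const errors = [];
  const stack = [];   // open elements, for nesting checks
  let last = 0;
  let m;
  TAG_RE.lastIndex = 0;
  while ((m = TAG_RE.exec(fragment)) !== null) {
    // Anything between tags that still contains '<' or '>' is a tag we could not parse.
    const gap = fragment.slice(last, m.index);
    if (/[<>]/.test(gap)) errors.push(`unparseable markup before offset ${m.index}`);
    const [, closing, name, attrs, selfClosing] = m;
    if (!ALLOWED_ELEMENTS.has(name)) errors.push(`element <${name}> is not allowed`);
    if (closing) {
      if (stack.pop() !== name) errors.push(`unexpected closing tag </${name}>`);
    } else {
      let a;
      ATTR_RE.lastIndex = 0;
      while ((a = ATTR_RE.exec(attrs)) !== null) {
        if (!ALLOWED_ATTRIBUTES.has(a[1])) {
          errors.push(`attribute ${a[1]} on <${name}> is not allowed`);
        }
      }
      if (!selfClosing) stack.push(name);
    }
    last = TAG_RE.lastIndex;
  }
  if (/[<>]/.test(fragment.slice(last))) errors.push('unparseable markup at end of fragment');
  for (const open of stack) errors.push(`element <${open}> is never closed`);
  return errors;
}

// '<' becomes %3C, space %20, '/' %2F; UrlDecode on the server restores the text.
function encodeForHiddenField(camlText) {
  return encodeURIComponent(camlText);
}

// onsubmit handler: reject on validation errors, otherwise post only the encoded copy.
function prepareSubmit(form) {
  const textbox = form.querySelector('#camlText');
  const hidden = form.querySelector('#camlEncoded');
  const errors = validateCaml(textbox.value);
  if (errors.length > 0) {
    alert('CAML query rejected:\n' + errors.join('\n'));
    return false;                 // caller cancels the submit
  }
  hidden.value = encodeForHiddenField(textbox.value);
  textbox.disabled = true;        // disabled controls are not included in the post
  return true;
}

// Browser wiring; skipped when run outside a page (e.g. under Node).
if (typeof document !== 'undefined') {
  const form = document.getElementById('filterForm');
  if (form) {
    form.addEventListener('submit', (ev) => { if (!prepareSubmit(form)) ev.preventDefault(); });
  }
}
```

The server side still has to decode the hidden field and repeat the allow-list check before the CAML reaches the list query; the client-side copy only improves the user experience.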