i have a login view in asp.net-mvc. i want that user cannot able to enter tag in username or password field
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
i have a login view in asp.net-mvc. i want that user cannot able to enter tag in username or password field
Why would you want preventing the user from entering tags? Leave him enter whatever he wants. Why preventing someone from having a password such as
<script>alert('hello');</script>– it looks like a pretty strong password. Personally I hate web sites limiting my choices for a password.Just make sure that you encode everything you are outputting inside the views:
So instead of:
Always use:
or:
if you are working with ASP.NET 4.0
Also, as pointed out by @Jab in the comments section, in order to accept such input from the user you might need to decorate the controller action that will handle the submission with the
[ValidateInput(false)]attribute.