We submit a form with a textbox that contains text which is used to search our database for data to put in a RadTreeView control.
The text string retrieved from the database for a node sometimes contains "<B>" for bolding.
When the user then submits another search, the node with the "<B>" is submitted to the server where the standard MS XSS prevention code kicks in and flags the "<B>" as a potential XSS attack. We get a yellow-screen of annoyance. I don't have the time to implement full XSS prevention, so to avoid the yellow-screen exception, I would like to simply prevent the browser from submitting the RadTreeView control when a user submits a search. Is this possible?