Hi,
I was testing my web application for cross-site scripting. To simplify things, I have a web form using a RadAjaxPanel, textbox, regular expression validator checking for a valid e-mail address, submit and a cancel button. When I placed the <script> tags on the textbox, the regular expression validator flags it and I can't proceed with the submit, however, I see a javascript error on the page. When I hit cancel, which I set to causesvalidation to false, I also get a 'Error on page' on my browser and doesn't redirect me to the home page until I clear the <script> tags on the textbox. Most of my web forms do use the ajaxpanel but the errors are misleading from the browser, since the validator controls would have prevented the cross-site scripting. Is there a way around this? Thanks.
I was testing my web application for cross-site scripting. To simplify things, I have a web form using a RadAjaxPanel, textbox, regular expression validator checking for a valid e-mail address, submit and a cancel button. When I placed the <script> tags on the textbox, the regular expression validator flags it and I can't proceed with the submit, however, I see a javascript error on the page. When I hit cancel, which I set to causesvalidation to false, I also get a 'Error on page' on my browser and doesn't redirect me to the home page until I clear the <script> tags on the textbox. Most of my web forms do use the ajaxpanel but the errors are misleading from the browser, since the validator controls would have prevented the cross-site scripting. Is there a way around this? Thanks.