When using a combo box, that would display a value and the value is something like <SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>, what is the best way to filter or encode this so that it doesn't break the combo box?
The velow is an image link to what the issue looks like.
1 Answer, 1 is accepted
0
Hi Adron,
I suppose you use RadComboBox for ASP.NET.
It renders two client fields with names clientWidth and clientHeight .
My suggesting is to use RadComboBox for ASP.NET AJAX. You can see online examples here.
RadComboBox for ASP.NET AJAX does not render this fields need to RadComboBox for ASP.NET to set its height and width properties.
This should solve the problem.
Regards,
Rosi
the Telerik team
Check out Telerik Trainer, the state of the art learning tool for Telerik products.
I suppose you use RadComboBox for ASP.NET.
It renders two client fields with names clientWidth and clientHeight .
My suggesting is to use RadComboBox for ASP.NET AJAX. You can see online examples here.
RadComboBox for ASP.NET AJAX does not render this fields need to RadComboBox for ASP.NET to set its height and width properties.
This should solve the problem.
Regards,
Rosi
the Telerik team
Check out Telerik Trainer, the state of the art learning tool for Telerik products.