We submit a form with a textbox that contains text which is used to search our database for data to put in a RadTreeView control.
The text string retrieved from the database for a node sometimes contains "<B>" for bolding.
When the user then submits another search, the node with the "<B>" is submitted to the server where the standard MS XSS prevention code kicks in and flags the "<B>" as a potential XSS attack. We get a yellow-screen of annoyance. I don't have the time to implement full XSS prevention, so to avoid the yellow-screen exception, I would like to simply prevent the browser from submitting the RadTreeView control when a user submits a search. Is this possible?
1 Answer, 1 is accepted
0
Hello Skip,
You could submit only a part of your form by using AJAX requests - either wrap the TextBox in an RadAjaxPanel or use RadAjaxManager.
Regards,
Veselin Tsvetanov
Telerik
You could submit only a part of your form by using AJAX requests - either wrap the TextBox in an RadAjaxPanel or use RadAjaxManager.
Regards,
Veselin Tsvetanov
Telerik
Do you need help with upgrading your ASP.NET AJAX, WPF or WinForms projects? Check the Telerik API Analyzer and share your thoughts.