I am dynamically adding RadFilter editors, such as RadFilterTextFieldEditor, to RadFilter, server side.
When the web page is running, if a user enters certain "dangerous" text strings such as "<!--" or "<script>" into the RadFilterTextFieldEditor, the RadFilter control stops functioning (you can no longer add new expressions or groups to your Filter expression). If I try to navigate to another page in my web app, I get logged out because my session has been destroyed/lost. There MAY be an unhandled "A potentially dangerous Request.Form value was detected" exception that is causing the user session to be destroyed.
My fix would be to intercept the RadFilterTextFieldEditor text and strip any potentially dangerous user input (such as embedded JavaScript).
I do not see an OnBlur/OnChange event on the RadFilterTextFieldEditor that I could use to intercept the user input before it is posted.
I tried adding an asp.net validator on the RadFilter control but that does not work because RadFilter is not an "input" type of control.
I looked at the RadFilter client side events (OnFilterCreated/OnFilterCreating) but those do not appear to allow me to strip the user text input before it is too late.
Can you suggest a way to handle RadFilterTextFieldEditor text to prevent users from entering "dangerous" text.
Courtney