On the document[1], it is said that HttpRequest.ValidateInput
"be called by your code if the validation feature is not enabled".
It seems to be wrong. Check out the aspx below:
<%@Page Language="C#" ValidateRequest="false"%>
<html><body><form runat="server">
<asp:TextBox id="text1" runat="server"/>
<asp:Button id="button1" runat="server"/>
</form>
<script runat="server">
void Page_Load(object s, EventArgs e) {
if (IsPostBack) {
Request.ValidateInput();
}
}
</script></body></html>
This doesn't raise exception even if you enter script code in the textbox.
Is this a bug?
Thanks,
Fumiaki Yoshimatsu
Now it is working as I want. What a stupid question I have made...
Fumiaki Yoshimatsu
--
Victor Garcia Aprea
Microsoft MVP | ASP.NET
"Fumiaki Yoshimatsu" <fumi...@infoteria.co.jp> wrote in message
news:%2325eB5g...@TK2MSFTNGP10.phx.gbl...
I've just added an entry to my blog describing how this feature works
internally. If you want to learn more about it, please take a look at
http://dotnetweblogs.com/vga/
--
Victor Garcia Aprea
Microsoft MVP | ASP.NET
"Victor Garcia Aprea [MVP]" <v...@NOobiesSPAM.com> wrote in message
news:eM28jXqD...@TK2MSFTNGP12.phx.gbl...