Escolar Documentos
Profissional Documentos
Cultura Documentos
I use the FCKeditor control as my editor, I hope to save the content to database, but when I click the
button1, I get the following error, why?
I guess because there are some Script string included in FCKeditor1.Value and ASP.Net think it is
dangerous, now I don't know how to handle it, could you help me?
A potentially dangerous Request.Form value was detected from the client (FCKeditor1="<p>This is a
sample<...").
Description: Request Validation has detected a potentially dangerous client input value, and processing of
the request has been aborted. This value may indicate an attempt to compromise the security of your
application, such as a cross-site scripting attack. You can disable request validation by setting
validateRequest=false in the Page directive or in the configuration section. However, it is strongly
recommended that your application explicitly check all inputs in this case.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form
value was detected from the client (FCKeditor1="<p>This is a sample<...").
You'll need to add validateRequest=false to the page directive. By default, .NET will
throw an exception if a value entered in a form field looks like a script block. You
should use Server.HtmlEncode when storing the value in the database and
Server.HtmlDecode when retrieving the value from the database. Also, I would use a
regular expression on any other fields on the form to strip them of any code that
resembles a script block.
HTH,
Ryan
I use FCKeditor as HTML editor, and save the html document to database, I hope to display the html
document using a control,
but When I use FCKeditor to display the html document, I find that FCKeditor control hasn't ReadOnly
property and Toolbar can't be
hidden completely, I try to use Textbox control to display html document, but only html code can be
displayed in textbox control!
If you want to set the FCKeditor control to readonly so it just displays HTML
formatted and doesn't allow editing, then it makes more sense to use a Label
control. On the other hand, if this is for something like a chat application and you'd
like a TextBox like area to display text, then I know how to do it with FreeTextBox. If
you're willing to give FTB a try, I'll dig out the code.
HTH,
Ryan
hi
u have to use Literal control in asp.net for display the Fckeditor content on page ,
regards
There a small problem if you insert/update database by using Parameter. Instead of using enum DbType,
you should use OleDbType to save FCK's value to database.
I tried many times with DbType.String but always receive the exception "Invalid character value for cast
specification".
hello
i use datagridview control for editing and saving from fckeditor control
get
return
(((UltimateEditor)(DetailsView1.Rows[1].Cells[1].Controls[1])).EditorHtml.Replace(Request.Url.GetLeftP
art(UriPartial.Authority),""));
You should put it at the top of any page you use FTB or FCKeditor as follows:
Hi All,
I was getting the same editor to do with the dangerous code. I added the ValidateRequest and now I get:
Line 6015: }
Line 6016: if ((description == null)) {
Line 6017: throw new
System.ArgumentNullException("description");
Line 6018: }
Line 6019: else {
My control:
<ItemTemplate>
<FCKeditorV2:FCKeditor ID="FCKeditor1"
runat="server" BasePath="~/FCK_editor/" Height="200px"
Visible='<%# Eval("description") %>'
Width="100%" >
</FCKeditorV2:FCKeditor>
</ItemTemplate>