I use... $.post("/StoreHtml", { 'html': $("#txtHtml").val(), , function (data) { }); to store html user enters, but method above fails with an "A potentially dangerous Request.Form value was detected from the client". How do I encode the html before sending it? ... and how do I decode it in vb.net?
View 2 Replies
I have a form that have many text fields and all are being validated, I also added the NiceEdit plugin to be able to format text in my text areas, but it is raising errors like:
A potentially dangerous Request.Form value was detected from the client Now I can simply go to the top of the page and in the page directive add ValidateRequest="false" but this will deprive me from all the validation that I really need, so how can I switch validation OFF for my text areas ???VB.net, ASP.net 3.5, VWD 2008 Express...
why I am getting the following error? I have debugging enabled.Server Error in '/' Application.A potentially dangerous Request.Form value was detected from the client (strContent="<p>test</p>").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (strContent="<p>
test</p>
").
Source Error: The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:
1. Add a "Debug=true" directive at the top of the file that generated the error. Example:
<%@ Page Language="C#" Debug="true" %>
or:
2) Add the following section to the configuration file of your application:
<configuration>
<system.web>
<compilation debug="true"/>
[code]....
I'm noticing this error more and more in my error logs. I've read through the questions here talking about this error, but they don't address what I would like to do (see below).
I'm considering three options, in the order of preference:
1) When submitting a form (I use formviews almost exclusively, if that helps), if potentially dangerous characters are detected, automatically strip them out and submit.
2) When submitting a form, if potentially dangerous characters are detected, alert the user and let them fix it before trying again.
3) After the exception is generated, deal with it and alert the user.
I'm hoping one of the first two options might be able to do somewhat globally...I know for the 3rd I'd have to alter a TON of Try-Catch blocks I already have in place. Doable, but labor intensive. I'd rather be proactive about it if at all possible and avoid the exception all together.
Perhaps one approach to #1 would be to write a block of code that could loop through all text entry fields in a formview, during the insert/update event, and strip the characters out. I'm ok with that, but I'd rather not have to heavily alter all my Insert/Update events to accomplish this. Or maybe I just create a different class to do the text checking/deleting, and only insert 1 line of code in each Insert/Update event. If anyone can come up with some example code of any of these approaches that would be a
I have to send a request to Webservice and I have a working PHP solution, that I have to translate in VB.net
Here's the code working in PHP
//fill in the details of the contacts.userId is obtained from loginResult.
$contactData = array('lastname'=>'Valiant', 'assigned_user_id'=>$userId);
//encode the object in JSON format to communicate with the server.
[code]....
Naturally I imported a reference to a Json library and Imported (Imports Newtonsoft.Json)?
I'd like to build a simple json looking like this: {"Count" : "55", "total" : "125,55"}On my vb method i'm doing this to encode it:Dim json As String = "{""Count"" : "" " & intCount & " "", ""total"" : "" " & intTotal & " "" }"But I think Im missing something to escape the quotes, when my browser received it, it looks like this: {"d":"{"Count" : " 5 ", "total" : " 55 " }"}making it unreadable for jQuery.
View 1 RepliesI have an existing WSDL which returns information to remote devices using SOAP. However, I'm writing a new app with Android which doesn't support SOAP so I can't use the existing WSDL and have had to code a new app which looks for a querystring from the Android app and returns the data in a JSON packet. I've coded the module which receives the data okay but I'm unsure how to send the data back in JSON forma
View 1 RepliesI have a task to create a web service to receive client-side app's http request(with rpc={json data} in the end), deserilize it and put he parameter in stored Procedure in order to retrive data from sql server. the procedure query and client-side's app are already there and the return data to client-side app is JSON too
View 1 RepliesIm trying to send data from a Windows Form to an aspx page and send back a response. Im running around in circles trying to make this work. The data im trying to send is 4 strings. So fare I have this in my code, using the build-in webclient in visual studio 2010, in the windows form sending to the aspx
[Code]...
How do I send/Receive SOAP messages usiung .NET I wanted to invoke a webservice, however not like the way shown in the link above.What I did was, created a service reference with the wsdl url(in a windows application with a button click event)
[URL]
have created a client object
Dim objProxy As MyClient = New MyClient()
I have populated the objrequest and objreqheader using the below methods, (assigning string values and not xml)
objreqheader.id = "abcd"
Finally the below line invokes the service
objresponsehead = objProxy.myoperation(objreqheader, objrequest, objresp)
From reference vb, this is the myoperation public function
Public Function myoperation(ByVal RequestHeader As AFA.RequestHeaderType, ByVal GetTransactionDetailsReq As AFA.GetTransactionDetailsReqType, <System.Runtime.InteropServices.OutAttribute()> ByRef GetTransactionDetailsResp As AFA.GetTransactionDetailsRespType) As AFA.ResponseHeaderType
[code]....
I checked the property of objProxy, it is having basic http binding as the property. Anyone invoked the service like this? From soapui, the response is fine, after i populate the request fields.How can i enable the trace to see what is the request going and where is the problem.
Take the tripservice wsdl from this link In this wsdl, I replaced the from element with the below(added nillable as true and added min length and max length restriction).
[Code]...
The element from xsi:nil="true" is generated, even though i am not touching the element in my vb.net code to generate the request. The element is optional as per the wsdl(min occurs = 0). How can i send a request without the from element name, even passed in the request?
My Request.Form keys are all prefixed with ctl00$container name$ and then the key I want.How can I get the regular key name working?
Visual example from the immediate window:I want to use:
? request.Form.Item("stationIdea")
but it won't work because the key is:
ctl00$content_innovation_body$stationIdea
as retrieved by
? request.Form.Keys("4")
so only this works:
? request.Form("ctl00$content_innovation_body$stationIdea")
I have a vb.net 2.0 winforms project that is full of all kinds of business reports (generated with Excel interop calls) that can be run "on-demand". Some of these reports filter through lots of data and take a long time to run - especially on our older machines around the office.I'd like to have a system where a report request can be made from the client machines, some listener sees it, locates a server with low-load, runs the report on that server, and emails the result to the user that requested it
View 2 RepliesI'm working with the Minecraft Server To Client protocol documentation for a server I am making.It says the packet is 18+ bytes, but I can't seem to figure out what each byte is for.
View 2 RepliesI am using a client.openRead to send request and passing line through finalurl.
Dim data As Stream = client.OpenRead(finalurl)
Now my server blocks ports and i am getting error on this line now is there any other solution to client.OpenRead and what ever i am sending throught this is code is going on other company's server so i can't tell then to change their way so is there any other solution to this?
I AM THINKING THAT IF PORTS THEN IMPOSSIBLE TO SEND REQUEST.SO ONLY WAY IS TO CHANTGE SERVER WHER I HOST MY SITE
Dim data As Stream = client.OpenRead(finalurl)
And in final url i have other sites url and some querystring data
For example
dim finalurl as string= [url]
I already use WebHttpRequest but it not works still server not allow it.But i try it with response.redirect and it works but not suiteable to my conditions.i want control on my site so i was using Dim data As Stream = client.OpenRead(finalurl) but now server block some ports due to some reasons
The problem I have is: When I click on cmdListen in the server form and cmdConnect in the client form,both programs won't respond and they crash for some reason I don't know.
Client source code:
Code:
Imports System.Net.Sockets
Imports System.Text
Public Class Form1
[CODE]...
Code:
Imports System.Net.Sockets
Imports System.Text
Public Class Form1
[CODE]...
I am been stuck on this for 3 days now...I have been accessing the twitter api to pull a user_timeline for a list of users and the json that comes back is impossible to work with. I tried to deserialize it using javascriptserializer and get an error:invalid object passed in , ':' or '}'
Now this is frustrating since I expect the json being returned to be error free. Then I tried json.net and split the posts using string.split and tried to convert each post to Jobject or jarray. for Jarray I get
'unexpected end of content while loading jArray
[Code]...
Now I have formatted the code here and not pasted the whole file but it does look like valid json to me and I do not alter anything after receiving the stream from the twitter api. Can someone please point me in the right direction? I really need to get this stuff parsed?
I'm strugling the whole day with the next JSON string
{
"0":{"link":"afbeeldingenplaatje1.jpg"},
"1":{"link":"afbeeldingenplaatje2.jpg"},
"2":{"link":"afbeeldingenplaatje3.jpg"}
}
How can i deserialize this? What's wrong with the next code (vb.net)
Public Class DataString
Private m_link As String
Public Property link() As String
Get
[CODE]...
It returns always an empty result.
how to receive and send back json. Hope someone can help me on this. I understand by examples.
On my clientside, I am sending a ajax json string "name":"theName" to the server side and would like the server side to return a string saying "welcome &name ".
Client-side code
<!DOCTYPE html>
<html>
[Code]....
Below is my JSON formated String
{"AliasName": "ysiCountryInfo", "DataClass": {"Description":"United States 111","Code":"usa","WriteOffTaxPointAdjustment":0,"IndexationRounding":6}}
I would like to deserialize object into below class
[code].....
I have a JSON response from a web service that I need to be converted to an object then to an array. My response is similar to the one below:
{"status":{"error":"NO","code":"200","description":"none","message":"Request ok"},"geolocation":{"lat":"38.89515","lng":"-77.0310"},"stations":[{"country":"United States","regPrice":"0.00","midPrice":"0.00","prePrice":"0.00","streetAddress":"1401, I St[code]....
I am doing this is VB.NET within a console for now. Basically I am trying to create a simple way to test my API calls and output the information. What I am trying to accomplish is having to loop through the JSON array and list the stations.
Ive created a few in-house applications using Access, such as an IT Ticket tracking database and a database to store legal case logs, but finally found a project that I knew would completely out-grow Access and Im trying to incorporate my previous knowledge in to Visual Basic/Visual Studio.That being said, do any of you have any suggestions for intermediate-level reading material or tutorials, especially on how SQL Server and Visual Studio mix together? I've picked up a copy of Sams Teach Yourself Visual Basic 2005 in 24 Hours, which isn't too bad but I've had to skip around quite a bit because I'm already pretty familiar with the interface, I just need some more assistance with the code. I've also purchased Murach's Visual Basic 2008, but I haven't cracked that one open yet.At any rate, I look forward to talking with you all.
View 1 RepliesHow can I convert a JSON string to an array OR a JSON string to XML in VB.NET? I know how to do this in C#, as I have read dozens of articles on it, however, I am unable to figure out how to achieve the same result in VB.NET.
I'm using the System.Web.Script namespace via System.Web.Extensions.dll (from Microsoft).
I'm willing to use an additional DLL file if needed.
I'm sure this has been asked before but I'm not finding quite the information I'm needing so I thought I'd post this.
I've written a PHP script that returns a simple JSON object that looks like this:
{"status":"success","level":"admin"}
I'm doing a standard web request that submits the required data to the script over the internet and that's working fine.
Now, I want to use JSON.NET to pull out the individual variables so I can know what the values of "status" and "level" are. The problem is, I have no idea where to start.
I'm doing this in VB.NET (on the .NET Compact Framework).
I may be the only person still automating excel this way and I am looking at doing it in ways that better handle COM objects and such, but for now I just importMicrosoft.Office.Interop.Excel and go for it. Something that gave me a lot of grief at first was hanging excel.exe processes, but there are tons of resources online for fixing that. At this point I am pretty confident in my abilities to handle it.One thing I did notice and was wondering about is how does closing a windows forms application interact with excel.exe running in the background and likely more specifically the garbage collector. I have written quite a few excel automation projects and noticed that after I run my program .exe and it has completed there is an excel.exe process that hangs on until I close the pop up window from the windows forms application. Why is that happening?
View 1 RepliesI have written a HTTP server in VB.NET but I don't know how to use the Request.Form() method on a windows application. I need it to read HTML data sent in a HTML form.
View 1 RepliesI hope this is in the right category. If its not, direct me for where it should go. I'm quite a, what you would call "noob" to visual basic. I'm trying to make a web-based (LOCAL ONLY) Tech Request system for my LOCAL machines (Only 1 noted for use). I want a login area (I think I know what to do for that.), a open request area, a OPENED requests area, a way to CLOSE requests (by staff only), and and started/not started field for staff to use.
View 4 RepliesThis seems really simple, but for some reason Im stumped.Im dynamically generating an HTML Select Box, lets call it myselect. Im creating this select box based on some database values Im generating an HTML Select Box.. almost like a string that Im just spitting out to the page. So it's never a control in the codebehind, just part of a string thats rendered as HTML by the browser. If I submit my form, and in my codebehind I perform:
Dim myVal as String = Request.Form("myselect")
That code will give me the VALUE of the myselect select box. How can I refer to this control to cast it as a System.Web.UI.HtmlControls.HtmlSelect control? Request.Form seems to give me the value, but I want to reference the object itself..
We are creating a Who wants to be a millionaire style game in VB. Our server is pulling information such as questions and answers from a Access Database and sending them to the contestants (Clients). All transfer of information is directly from the server to each client. One of the "Life Lines" we want to use is "Ask a friend", where one client is able to Instant message another client for a short time to get help on the question.
[Code]...
I am trying to get values from a select multiple box like this but the breakpoint at 'For Each Item in box' is nothing, what am I doing wrong?
[Code]...
