Hi all I am using the markitup editor to get the value for one of my fields and storing it a sql server 2008 db. Now I guess the problem is people having script tags and javascript in the editor and injecting malicious scripts and I have my validate input turned false. So can anyone suggest me a way to write a custom validation method that maybe checks for script tags and removes them...or just guide me through the steps i need to do ?...also are there other things also that I should be worried about..?
views:
87answers:
1
+1
A:
This has some good suggestions: http://stackoverflow.com/questions/2212223/handle-javascript-injection-in-asp-net-mvc
joelt
2010-06-02 17:33:10