Everytime a user posts something containing < or > in a page in my webapp, I get this exception thrown.
I don't want to go into the discussion about the smartness of throwing an exception or crashing an entire webapp because somebody entered a character in a textbox, but I am looking for an elegant way to handle this.
Trapping the exception and showing "An error has occured please go back and re-type your entire form again, but this time please do not use <" doesn't seem professional enough to me
Disabling post validation ( validateRequest="false" ) will definitelly avoid this error, but it will leave the page vulnerable to a number of attacks.
Ideally: when a postback occurs containing HTML restricted caracters, that posted value in the Form collection will be automatically HTML encoded. So the .Text property of my text-box will be " something & lt; html & gt; "
Any way I can do this from a handler?