1

What regular expression should be used to blacklist the character sequence that would cause the following error in ASP.Net - "A potentially dangerous Request.Form value was detected from the client". (e.g. < br >, < hi >, < a > etc..)

I need to use a asp.net regular expression validation control to blacklist those character sequence that would cause this error.

for instance if I enter 123< hi > , valid < abc >, etc.. i need the validation to fail.

PS: I have spaced the < br > since it was not displaying it properly in the question but actually it should be without the blank spaces between < or > and the string inbetween them

Navaneeth
  • 190
  • 1
  • 1
  • 16

2 Answers2

0

For your example you need following regex: "< br >|< hi >|< a >". If you will require any additional tokens to be blacklisted just use next "|< ?? >" sequence. Sign | in regex means matching groups with OR criteria, so example means actually match < br > or < hi > or < a >.

If you need just a generic regex failing for any potentially HTML tag, then "<.*?>" should do the job. But this will fail, if for any sequence between <> brace not only valid HTML tags.

If you would like to test some other texts and regular expression or learn more about it I propose two very good sites:

http://www.regexr.com/

https://regex101.com/

TouDick
  • 1,262
  • 12
  • 18
0

Here is a quick and dirty solution for the same for someone someday

Add jquery library

 $("input").bind("paste", function (e) {
      var pastedData = e.originalEvent.clipboardData.getData('text');
      $(this).val(Encode(pastedData));
      e.preventDefault();
  });

function Encode(str)
{
       return str.replace(/(<)(\S+)(>)/g, '$2 ');
}
Moons
  • 3,833
  • 4
  • 49
  • 82