Html Tag in textbox/input text - c#

When I input some html tag like < b> or < test> (without the space after "<") in my TextBoxes, When I submit the form I got the issue:
Sys.WebForms.PageRequestManagerServerErrorException: An unknown error occurred while processing the request on the server.
The status code returned from the server was: 500
I don't want to set the "ValidateRequest" false, because of security problems.
I thought in make some kind of javascript function inserting a space after "<", this could work...I guess.
Any idea?

You can escape your input using javascript before posting it back.
See existing answers:
Escaping HTML strings with jQuery
Escape HTML using jQuery
Fastest method to escape HTML tags as HTML entities?
On the c# side use HttpUtility.HtmlDecode(string) to decode your text back.

You can escape/unescape your html content using JavaScript (jQuery) as shown below:
<script>
function htmlEncode(value) {
return $('<div/>').text(value).html();
}
function htmlDecode(value) {
return $('<div/>').html(value).text();
}
</script>

Related

How do I inject javascript code via webview?

Basically what I want to do is this this but I can't seem to find something similar for webview XAML control. What I ultimately need to do, is capture an incoming json file from the webview. As is, I get a bad request from the server and unsupported file exception from the webview. I thought about injecting a javascript so that it would alert me, I could get the body of the incoming json and bypass all the errors.
There are two main things you can do:
Call functions programically
Inject any code by using the HTML string
Function Calling
You can use InvokeScript to call javascript functions.
If you have in a webpage with a script:
<script lang="en-us" type="text/javascript">
function myFunction() {
alert("I am an alert box!");
}
</script>
Then you can in C# call:
MyWebview.InvokeScript("myFunction", null);
Which will execute the script function myFunction.
Injecting Text
If you download the HTML page and all other needed files(using the Windows HttpClient), you can inject any code by manipulating and then Navigating to string.
Lets say you want to change the above script to add another function, "HelloWorld", then you can
Search the file for something you know will be there, such as: <script lang=\"en-us\" type=\"text/javascript\">
Using string manipulation, add the desired text, such as a function (but this can be anything)
Navigate to the String
The C# code:
string MyWebPageString = GetWebpageString(WebpageUri);
string ScriptTagString = "<script lang=\"en-us\" type=\"text/javascript\">";
int IndexOfScriptTag = MyWebPageString.IndexOf(ScriptTagString);
int LengthOfScriptTag = ScriptTagString.Length;
string InsertionScriptString = "function SayHelloWorld() { window.external.notify(\"Hello World!\");} ";
MyWebPageString = MyWebPageString.Insert(IndexOfScriptTag + LengthOfScriptTag + 1, InsertionScriptString);
MyWebview.NavigateToString(MyWebPageString);
The result will be that the navigated to Webpage will look like this:
<script lang="en-us" type="text/javascript"> function SayHelloWorld() { window.external.notify("Hello World!");}
function myFunction() {
alert("I am an alert box!");
}
</script>
Since the injection can be applied to any area, even the HTML, you should be able to figure something out.
Hope this helps. Good luck.
This answer was based on this MSDN blog

call/answer between PHP and ASP.NET

Is it possible to submit an email address through a text area of an HTMLpage integrated in ASP.net page and send this to a PHP script that control if is actually a valid email address and send answer back to the ASP page so I can get an alert: VALID or NOT VALID.
I have 2 webspeace with two different websites: ASP.net and one in PHP.
The ASP.net page has a Webform in HTML. I would like to use this to send the email to the PHP script. which rune the validation and send back the status to the ASP page that would answer through an alert, "mail valid" or "not valid."
The idea I have is that the script (after the validation control) has to send back an answer throw an URL to the ASP page and the ASP page would "listen"/ "get" this URL as a variable in order to diplay with an alert the result of the PHP SCRIPT
PHP side:
<form action="http://www.exemple.com/scripts/mailvalidation.php" method="post" id="webform">
SCRIPT PHP ? (maybe using the PHP FILTER_VALIDATE_EMAIL) ?
ASP.NET ?
Any suggestion=?
Sounds like a perfect place to use AJAX. It is independent of the language you use. PHP, ASP.NET, JSP it is all the same. All that is needed is simple JavaScript or Jquery.
In your ASP Page,
<form id="myform">
<input type="email" id="email" name="email" />
<button>Submit</button>
</form>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
<script type="application/javascript">
$(document).ready(function(){
var formvars = $("#myform").serialize();
var url = "http://www.example.com/your_page.php?" + formvars;
$.ajax({
url: url,
cache:'false',
dataType: 'text',
type:"GET",
success: function(data){
//alert( data );
alert( data );
if(data =="1")
alert("VALID");
else
alert("IN VALID");
},
error: function(data){
alert('error; '+ eval(error));
}
});
});
</script>
In your php script,
<?php
$email = $_REQUEST["email"]
if($email, FILTER_VALIDATE_EMAIL))
echo "1";
else
echo "0";
?>
Good luck.
I would say if the issue is of passing value from asp to php, then use querystring to pass value from one page to another.
But as far as your comment goes...you can directly use ASP to insert the records in MYSQL without passing through PHP.
YOu can use the following as the reference:
http://www.codeproject.com/Articles/36484/Working-C-code-for-MySql-Stored-Procedures-IN-OUT
in php file use:
<?php
if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){
$msg='valid';
}
else{ $msg='invalid'; }
$urlVar='email='.$_POST['email'].'&msg='.$msg;
header("location: hostname/PageName.asp?$urlVar");
then in asp you can use above code and execute your msg in if condition as shown:
if(Request.QueryString("msg") != ' ' && Request.QueryString("email") != ''){
}
I am not good in asp but hope you get concept to handle it
I would suggest, validate email in asp.net. There is lot you can do to validate email in asp.net. Like use Regular Expression - refer this, or use EmailValidator to validate. Also check this link - Email Address Validation for ASP.NET
Following is an example of the above.
<asp:RegularExpressionValidator ID="regexEmailValid" runat="server" ValidationExpression="\w+([-+.]\w+)*#\w+([-.]\w+)*\.\w+([-.]\w+)*" ControlToValidate="tbEmail" ErrorMessage="Invalid Email Format"></asp:RegularExpressionValidator>
But if you are interested to know how to communicate between asp.net and php, then you can check following.
Have php page that accepts email as get request, php page can use FILTER_VALIDATE_EMAIL to validate email or any other custom validation you want to add.
Then use jQuery ajax in asp.net webform to invoke that page with get request and from php page send required message and success handler trap the output , display that to asp.net page.
EDIT
After checking your comment, you need to insert to mysql from asp.net. And that is pretty much doable. You need to have mysql connector for .net and use that library to make CRUD operation. Since answer or actual code snippet is not in scope of current question, i am posting links that will be helpful for you.
Following are some of link -
LINK1
LINK2

HTMLAgilitypack read html page info with ajax calls

I am using HtmlAgilitypack for reading specific html elements of a specific url.
The problem I am facing is one of the html tag contents are filled by AJAX requests. So how can I read this ?
<div id="priceInfo"></div>
Code I used to read the url is
HtmlWeb _htmlWeb = new HtmlWeb();
HtmlAgilityPack.HtmlDocument _webDoc = _htmlWeb.Load(webUrl);
// HtmlNodeCollection _priceNode = Gets the node with id priceInfo
The contents of this div is filled by a ajax request and i want to read the contents of this DIv after its getting filled. How can i do that
HtmlAgilityPack is to be used at server side. from what you stating, you are trying to assert a value at client side, not at the server side.
you should look into using jquery/javascript once the ajax call is done.
ajax ({ ....
.done(...) {
// handling the return result...
alert($("#yourHtmlId").val()); // show one of your html tag value attribute.
}
})
http://api.jquery.com/jQuery.ajax/

Parsing javascript HTML using HTMLAgilityPack

I have the following HTML that I'm trying to parse using the HTML Agility Pack.
This is a snippet of HTML code:
<body id="station_page" class="">
...
<div>....</div>
<script type="text/javascript">
if (Blablabla == undefined) { var Blablabla = {}; }
Blablabla .Data1= "I want this data";
Blablabla .BlablablaData =
{ "Data2":"I want this data",
"Blablabla":"",
"Blablabla":0 }
{ "Blablabla":123,
"Data3":"I want this data",
"Blablabla":123}
Blablabla .Data4= I want this data;
</script>...
I'm tring to get those 4 data variable (Data1,Data2,Data3,Data4). first, I tried to found the javascript:
doc.DocumentNode.SelectSingleNode("//script[#type='text/javascript']").InnerHtml
How can I check if it's really the right javascript?
After finding the relevant javascript how can I get those 4 data variable (Data1,Data2,Data3,Data4)?
You can't parse javascript with HTML Agility Pack, it only supports HTML parsing. You can get to the script you need with an XPATH like this:
doc.DocumentNode.SelectSingleNode("//script[contains(text(), 'Blablabla')]").InnerHtml
But you'll need to parse the javascript with another method (regex, js grammar, etc.)

MVC dynamic JQuery recieve dropdown value to feed HTML Helper that returns an image

Questions;
6164507
7869467 &
3040342 have been very helpful BUT....
In .NET MVC C#
I am trying to harvest a value from a dropdown and pass that value to my html helper which renders an
image in a div. The questions cited above got me as far as this JdFiddle
http://jsfiddle.net/JSyLV/276/
I'm pretty sure I can't place the selected option value in a var and pass it to the HTML Helper.
( different languages in the same viewpage = Krazy !!)
So I guess all I''m asking is how to get the value to the HTML Helper.
I'm confident that I can scratch together the HTML Helper to return the image/anchor thingie.
$(document).ready(function ()
{
$('#selectMe').change(function ()
{
alert("changefunction called");
alert('#'+$(this).val());
alert($(this).val());
})
});
You can use an AJAX request to get the image information from the server:
$(function () {
$('#selectMe').change(function () {
$.ajax({
url : '<url-of-html-helper>',
type : 'get',
data : { selectMeVal : $(this).val() },
success : function (serverResponse) {
//if you server response is the HTML of the image then you can just add the serverResponse to the DOM
$('#some-container').html(serverResponse);
},
error : function (jqXHR, errorText, c) {
//if an error occurs, handle it here, like re-run the request, or show a message to the user
}
});
})
});
If instead of outputting the HTML for the image in your server-side code, you could just pass a source for the image and update an image already in the DOM (or create a new one via JavaScript). I generally try to limit the data that comes in via AJAX requests (it's always good to have your responses be less than 1500 bytes so it fits in a single packet, most of the time).

Categories