Hi, we had not realised that DNN does not set the validate request setting to enabled in web config. We had a request to add several asp.net forms quickly to a DNN website. We just created custom modules on the server itself and copied our forms in. They are just html forms that email results to a mailbox from codebehind, Is there a way to quickly add a wrapper to the html or in code behind to pick up on DNN's built-in antiXSS measures
Sorry for the confusion, No, we created DNN modules directly on the server in the desktop modules folder and simply copied the asp.net forms html and code into the ascx files. By custom forms we meant that we did not use any module template in visual studio etc.
The forms are working inside DNN modules, but is just the Cross scripting we are asking about , apart from sticking a regular expression validator on each text box and using HTML encode in the back end, is there a simple wrapper or in code to allow these modules to pick up on the antiXSS measures used for example in the HTML Module.
Stuart, best solution would be to use any of the form modules available and re-create your forms with one of the modules. There are some good solutions available in the DNN Store (https://store.dnnsoftware...2?searchtext=forms), but also free stuff like OpenForms (https://github.com/sachatrauwaen/openform). Happy DNNing! Michael
Michael TobischDNN★MVP
Hi Joe, no form tags, the forms are working perfectly within the DNN modules.
Michael, Some of the forms are not that simple, fairly lengthy and involve criteria testing with sections hidden or displayed accordingly. At this point, we do not have time to learn a new form module enough to recreate the forms as they are temporary, although we will look at some of the options mentioned for future use.
We just wondered if there was a programmatic way to plug in the page Request Validation or the .Net 4.5 XssSecurity
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.