Tracking Forums, Newsgroups, Maling Lists
Home Submit Tracker Forums
  Advanced Search
  HOME    TRACKER    ASP.NET


Advertisements:










Security :: Decode A Text That Is Encoded Using AntiXss?


I have saved all data that comes through Input boxes using AntiXss.HtmlEncode(the text from in put box); Now all texts in my databse are HtmlEncodedSo now i want to show them in text boxesSo iave to decode that ?
How can i decode a text that is encoded using AntiXss


View 1 Replies (Posted: Jun 25, 2010 02:05 PM)

Sponsored Links:

Related Forum Messages For ASP.NET category:
AntiXss.UrlEncode Vs. AntiXss.HtmlAttributeEncode Usage In Link (a Href)?
According to old AntiXss article on MSDN AntiXss.UrlEncode is used to encode link href (Untrusted-input in the following example):[URL]My understanding was, that UrlEncode should be used only when setting something to URL, like when setting document.location with JS. So why don't I use HtmlAttributeEncode in the previous example to encode [Untrusted-input]? On the other hand is there a security flaw if I use UrlEncode to encode HTML attributes like in the above sample?

Posted: Aug 26 10 at 8:24

View 1 Replies!   View Related
HTML Decode Using C# / Decode A String Response And Display It To The User?
I'm trying to decode a string response and display it to the user without any luck. I'm using URL encoding char : %3C >, %3E <

mystring.replace("%3C","<").

The response variable look like this:

PageContent=%3CHTML%3E%3CHEAD%3E%3C%2FHEAD%3E%3CBODY%3E%3CFORM%20action%3D%22https%3A%2F%2Fpayments%2Ecom%2FactiveMerchantEmulator%2F%2Easp%22%20method%3DPOST%20id%3Dform1%20name%3Dform1%3E%3CINPUT%20type%3Dhidden%20name%3DPaReq%20value%3D%22TEST%5FpaRaq%22%3E%3Cinput%20type%3D%22hidden%22%20name%3D%22merchant%5Fname%22%20value%3D%22MysiteVal%22%3E%3Cinput%20type%3D%22hidden%22%20name%3D%22trnDatetime%22%20value%3D%2212%2F2%2F2010%208%3A48%3A06%20AM%22%3E%3Cinput%20type%3D%22hidden%22%20name%3D%22trnAmount%22%20value%3D%2285%2E47%22%3E%3Cinput%20type%3D%22hidden%22%20name%3D%22trnEncCardNumber%22%20value%3D%22XXXX%20XXXX%20XXXX%203312%22%3E%3CINPUT%20type%3Dhidden%20name%3DMD%20value%3D%220627E49A%2DB4DE%2D4CF2%2DB5AA0285004C458E%22%3E%3CINPUT%20type%3Dhidden%20name%3DTermUrl%20value%3D%22http%3A%2F%2Fshop%2Emysite%2Eca%2FCheckout%2Fbeanstream%5Ftermurl%2Easpx%22%3E%3C%2FFORM%3E%3CSCRIPT%20language%3D%22JavaScript%22%3Edocument%2Eform1%2Esubmit%28%29%3B%3C%2FSCRIPT%3E%3C%2FBODY%3E%3C%2FHTML%

Posted: Dec 02, 2010 04:14 PM

View 5 Replies!   View Related
Force Formatting Text Encoded By User?
I used a ViewModel class as described below:

public class ProductCreateModel
{
[DisplayName("Id product:")]

[code]...

Posted: yesterday

View 2 Replies!   View Related
Security :: How To Encode / Decode Application
I used the following code to "Encode" my select parameters prior to sending data to a sever :

[Code]....

And I know that I should use this for other server actions Updates, deletes.

How do I Decode the values that I sent to server ?

And what about other controls on my page like text boxes, labels, should they encoded as a matter of standard practice ?

Posted: May 13, 2010 05:47 PM

View 6 Replies!   View Related
Security :: Decode The Information: "Q68uEbl9ZxfNoAiWtGguRQ =="?
I do not remember how to decode the information: "Q68uEbl9ZxfNoAiWtGguRQ =="

[Code]....

TextBox8.Text = cipherText; // Encrypt
TextBox9.Text = Decrypt; // Decrypt - NOT WORKS!

Posted: Jul 25, 2010 02:44 PM

View 69 Replies!   View Related
Why Use Microsoft AntiXSS Library
When you can simply encode the data using HttpUtility.HtmlEncode, why should we use AntiXss.HtmlEncode? Why is white list approach better than black listing?Also, in the Anti XSS library, where do I specify the whitelist?

Posted: Jan 7 10 at 17:37

View 3 Replies!   View Related
Want To Include Microsoft AntiXss V1.5 Library On Live Site Running In A Medium Trust Setting?
I want to include Microsoft AntiXss V1.5 library on my live site running in a medium trust setting.However, I got an error something like:Required permissions cannot be acquired.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Security.Policy.PolicyException: Required permissions cannot be acquired.I tried this in full trust setting on my development machine and everything works good.Looks like this will run only in full trust configuration.

Posted: Apr 6 10 at 11:04

View 2 Replies!   View Related
Decode S-JIS String To UTF-8?
I am working on a Japanese File and I have no knowledge of the language. The file is encoded in S-JIS. Now, I am supposed to convert the contents into UTF-8 so that the content looks like Japanese. And here I am completely blank. I tried the following code that I found somewhere on Internet but no luck:

byte[] arrByte = Encoding.UTF8.GetBytes(arrActualData[x]);
string str = ASCIIEncoding.ASCII.GetString(arrByte);

Posted: Jan 7 at 8:28

View 1 Replies!   View Related
How To Decode HTML In .NET MVC 3
in asp.net mvc 3 preview 1 automaticly encodes html, is there an alternative way to let there be html?think of this cenario:@view.BestSitesEver.Replace("stackoverflow", "<h1>StackOverflow</h1>")That would just print out: <h1>stackoverflow</h1>

Posted: Sep 8 10 at 8:45

View 1 Replies!   View Related
How To Read Or Decode .dat File
I want to read .dat file using Asp.Net C#. I have some details in my .dat file and I want to decode it and need to display on my web page. I already tried to decode it but it was not working properly. Its showing boxes in my web page.

If any one know how to decode .dat file

Posted: Dec 15, 2010 04:25 AM

View 7 Replies!   View Related
Md5 - How To Decode Base64 Code
i have this code that translates into my name im wondering what hash function its using, i thought it was md5

this is my name:

saleh

and this is the code

9LjZ6QoOB1A%253d

Posted: Sep 30 10 at 16:05

View 1 Replies!   View Related
Web Forms :: Decode Hex Value To String From Url?
MY page will be reciving a post method . There i need to decode a hexa value to string that is present in the url .

The url format is as follows

POST /yourserver/yourhandler?Hex-Message=54657374.

Posted: Jul 15, 2010 03:18 PM

View 3 Replies!   View Related
MVC :: Rendering Encoded Html?
I cannot seem to get over this problem. Im sure it is just a simple newbie question but I just cannot find the right answer on my own.

Im using MVC 2 and ASP. NET 4.0 to biuld simple CMS. Im storing encoded HTML in XML file which then i am passing to front page controller for display.

I understand that before inserting HTML from XML into the page, it should be decoded using HttpUtility.Decode() function.

[Code]....

I expected that this sould result in inserting decoded HTML into my index.aspx page. Then browser could render my decoded content for example in bold face.

What happens is quite awkward. In page source I have encoded HTML but it renders HTML with tags. For example I see "<strong> Lorem ipsum </stong>", instead of Lorem Ipsum.

Posted: Aug 13, 2010 12:08 PM

View 5 Replies!   View Related
C# - Getting The Domain From A URL Encoded String?
Another beginner question, I'm afraid... I was wondering if someone could tell me the easiest and most efficient way of getting the fully qualified domain name (e.g. www.google.com) from a UrlEncoded string in ASP.Net (C#).For example: http%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dsome%20things%20i%20searched%20forWould give me: www.google.com(Or basically anything where I can check the domain to make sure it's correct.)I'm guessing the first step might be to UrlDecode, but since this is how I'm getting the string, I thought I'd mention it incase it's easier Encoded.

Posted: Nov 24 10 at 18:07

View 2 Replies!   View Related
Decode Form Urlencoded UTF8 In C#?
Edit I'd misunderstood what was happening here.. there is a POST send, then receive back a result, then the URL string which I'm seeing here is part of the the query string... so I can't decode what this really is, as it is encoded by the payment gateway people and not me.

I'd like to decode a URL string

Here is the code:

[Code]....

Posted: Dec 22 10 at 5:46

View 2 Replies!   View Related
Web Forms :: HTML Decode In A Listbox?
I have a (hopefully) simple question: I have a listbox that is databound to a MSSQL database. I have it all set up through the Visual Studio UI. Everything is working it just displays the HTML markup instead of the actual character being called.

For example:

If I have a store called "Something's Here", when it's put into the database, the code changes "Something's Here" to "Something&#8242;s Here".

All I need is someway I can HTML Decode the data that is put into the listbox. I've tried to do a HTML Decode through code on just about every page event to try and trigger it before and after it's databound. I've checked all the controls for the listbox and nothing says anything about HTML Decoding or HTML Encoding.

Posted: Oct 24, 2008 08:13 PM

View 7 Replies!   View Related
How Determine If A String Has Been Encoded Programmatically In C#
How determine if a string has been encoded programmatically in C#?

Lets for example string:

<p>test</p>

I would like have my logic understand that this value it has been encoded..

Posted: Dec 22 10 at 9:50

View 5 Replies!   View Related
Why Parameters Are Encoded When Sent Through HTTP Request
I am curious to know the reasons why the HTTP request encodes(URLEncoded) all the parameters before sending it across the network in POST request.

Posted: Feb 17 at 12:34

View 1 Replies!   View Related
Web Forms :: Urlencode / Decode Navigateurl Of Hyperlink
What is the best way to encode the url in Hyperlink without writing code behind.I have many uses and I would like to do it in the Hyperlink statemeent if possible. Some thing suchas the following would be great:
(This does not work)

<asp:HyperLink
ID="HyperLink1"
NavigateUrl=
"<%=UrlEncode(~/All_Videos.aspx?tag=full length movie&title=The Movie)%>"runat="server">Movies</asp:HyperLink>

Posted: Mar 21, 2010 09:27 PM

View 2 Replies!   View Related
How To Use HTML Encode And Decode On Aspx Page
i'm using a repeater that's bound to a datasource. my textboxes etc are bound like this:

Code:
<td class="itemcolour">Surname:</td><td class="itemcolour"><asp:TextBox ID="Surname" CssClass="surnametextbox" runat="server" Text='<%#Container.DataItem("Surname")%>' ></asp:TextBox></td><td class="itemcolour"></td>

so if a user types in something like <test> i will get an error saying potentially dangerous value etc.

how do i use htmlencode in this instance.

Posted: Oct 1st, 2009, 05:06 AM

View 9 Replies!   View Related
How To Encode And Decode A Number Using UTF32 Encoding
For instance i have a number 1 , i want to decode it and after decoding i want to encode it so that it should be return in its real form.

using UTF32 encoding.

Posted: Dec 09, 2008 10:59 AM

View 1 Replies!   View Related
HttpUtility.HtmlDecode Cannot Decode ASCII Greater Than 127?
I have a list of character that display fine in WebBrowser in the form of encoded characters such as &#65533; ... But when posting these characters onto server to I realized that HttpUtility.HtmlDecode cannot convert them to characters as browser did, they all become space.

text = System.Web.HttpUtility.HtmlDecode("");

I expect it to return € but it return space instead. The same thing happen for some other characters as well.

Posted: Oct 22 10 at 10:14

View 2 Replies!   View Related
MVC :: HttpUtility.Decode Does Not Work In TextBox Or TextArea?
I am trying to render html encoded string that is stored in SQL Server into human readable form. The HttpUtility.Decode does not decode the text that is rendered in between the open tag and closing tag of any input tag (ie. TextBox or TextArea or Select) in my ASPX page. However, HttpUtility.Decode works fine if the text is not in an input tag. The following is my test code. For example, the value of AdmitDX field in database is "Someone's comment" which is "Someone's comment" when decoded. The first two code nuggets <%%> will show as "Someone's comment" and the thrid code nugget will show "Someone's comment".

<!-- the following two lines have html encoded text, instead of html decoded text -->
<%= Html.TextArea("AdmitDX", HttpUtility.HtmlDecode(thisTransfer.AdmitDX))%>
<%= Html.TextBox("AdmitDX", HttpUtility.HtmlDecode(thisTransfer.AdmitDX)) %>
<!-- the next line works fine -->
Test = <%= HttpUtility.HtmlDecode(thisTransfer.AdmitDX) %>

Posted: Jul 17, 2010 09:21 AM

View 4 Replies!   View Related
Gridview Not Parsing Xml Encoded Characters Correctly
I'm having a problem using a xml file as datasource for my gridview.

I create this xml file myself using XMLTextWriter class, the file is created parsing an existing excel file so I don't have control over the data retrieved from the excel file. Using XMLTextWriter does encode the special characters correctly, for example: <Enter> instead of <Enter>. The problem is when I try to open this created xml for editing, I use a GridView and bind all the data but special character data is not show in the row.

Excel Data: Enter E or e and press <Enter>
XML Data: Enter E or e and press <Enter>
Data in GridView: Enter E or e and press

Is there a way to force the the GridView to decode the xml attributes correctly?

Posted: Nov 5th, 2010, 01:17 PM

View 10 Replies!   View Related
Receives Encoded Inputs From An ASP Classic Service?
I have an ASP.NET app that receives encoded inputs from an ASP Classic service. The ASP Classic is sending the data like this: Server.HTMLEncode(datahere) As i am parsing the data I wanted to decode it first but Server.HtmlDecode does not work for me. I still get the odd things e.g. & lt; & gt; and such.

Posted: Sep 12th, 2009, 02:38 AM

View 17 Replies!   View Related
Character Encoding - URL Having A & Getting Encoded In A Repeater Control?
I have a URL which is in a ASP.NET repeater control:[URL]This gets encoded to & when it gets rendered to the browser.We have tried decoding it using server side tags in the repeater, that did not work.How can i stop this from happening?[URL]

Posted: Feb 9 at 15:48

View 2 Replies!   View Related
WCF / ASMX :: Passing UTF-8 Encoded String To SOAP?
I am using a third party Web Service. I am passing a string to a function in that service, that string, which i am reading from a UTF-8 text file. The problem it that the string contain some non ASCII characters.

Now if i save that text file to ANSI format, read it in a string and pass that string to Service then it works smoothly but with UTF-8 encoded string the service throw exception [Code]....

NON ASCII characters UTF-8 encoding SOAP

I am using ASP.NET.

Third party sevice is in java. I also tried it by making a web service in .net, but there was issue there too.

Posted: Oct 06, 2010 03:05 PM

View 1 Replies!   View Related
Ajax - Callback To Encoded URL With UTF Characters Fails On IE?
I have Russian blog built with BlogEngine.NET 1.5.

I use Russian words in links encoded with URLEncode, so links are human-readable in most browsers - FF, Chrome, Opera (except for IE, but this is not the real problem with this browser). This idea is not mine, I borrowed it from Wikipedia - it uses encoded URLs on localized sites.

The real problem is that when I am trying to add comment in IE8 it fails (and only on production machine, development environment works fine).

Using Fiddler I found out that IE tries to send AJAX callback using WebForm_DoCallback to wrong address - it seems that it decodes URL, gets wrong characters and asks page with that wrong address from server and (of course) receives 404.

Here is how incorrect request from IE looks in Fiddler:

POST /ru/post/�������������-�����.aspx HTTP/1.1

Here is how FF makes same request and gets correct response:

POST /ru/post/%D0%92%D1%81%D1%82%D1%83%D0%BF%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5-%D1%81%D0%BB%D0%BE%D0%B2%D0%BE.aspx HTTP/1.1

I upgraded solution from default ASP.NET 2.0 for BE to ASP.NET 3.5 but this changed nothing. I made some minor changes in BE to allow properly encoded UTF links - by default it wipes out percent symbol from links.

what wrong is with IE behavior here and how to fix it? Why development environment under ASP.NET Development works different from production machine under IIS6? Why IE does not decode link in address bar (like other browsers) but does it when making request?

Posted: Jan 4 10 at 17:36

View 1 Replies!   View Related
MVC :: Prevent Custom HtmlHelper's Html Being Encoded?
When you render one of the "built in" html helpers (say "TextBoxFor") with ":" (so it's encoded) it renders fine.However if I render the following (a custom file input helper) with ":", the markup are displayed.I understand why. Just don't know how to prevent this (no, I want to stay with ":" and not use "=")(I looked at the source code for the built in ones, but can't see what I'm missing: ttp://aspnet.codeplex.com/SourceControl/changeset/view/23011#288010 )

[Code]....

Posted: Jun 12, 2010 09:35 PM

View 4 Replies!   View Related
Encoded String Length Greater Than Max Specified For User?
I'm using ASP.NET with sql-server. I have an area where the user can enter text of a maximum amount. I encode this text as a good measure but the encoded length can be greater than this maximum amount when I try to insert it into the database.

Special characters are encoded on 3 characters. I can't show the user that he has exceeded the max amount of characters because from his perspective he hasn't. I also can't set the database field to the worst case scenario (being 3 times my max amount).

Posted: 2 days ago

View 2 Replies!   View Related
Form String Data Url Encoded By Some Browser?
i came accross with a peculiar issue on my .net mobile site. some phones/gateways sends form post data as url encoded and a text such as "hey how are you?" in a form with method post stored in the db as "hey+how+are+you%3f" This is not the issue with many browsers but one single network from USA called Metro. I notice different phone models acting same way so i assueme this is an issue with proxy/gateway.

Posted: Oct 19, 2009 12:39 PM

View 3 Replies!   View Related
Sending Base64 Encoded Query String?
I am creating a web site in .Net 3.5 , I am converting the string into Base64String to send it through querystring.The Response.Redirect works fine for smaller string. But if the original string size is 1670,the response.redirect results in error "Page can not be found".item is the string in below code snippet.

byte[] data = Encoding.Default.GetBytes(item);
return Convert.ToBase64String(data)

Posted: Jan 5 at 16:17

View 2 Replies!   View Related
Web Forms :: Decode Base64 And Quoted Printable String?
I am using the following code to decode base 64 and quoted printable encoded messages. It works well for all the charset's except for quoted printable chinese (Charsets: GB18030, GB2312). When I tried to decode, I am getting '?' as output. provide on this code or any other code that decodes all types of encoded string?

Code:

[code]...

Posted: Jan 10, 2011 01:42 PM

View 4 Replies!   View Related
Deserializing A PHP Json Encoded (json_encode) String With .NET Webservices
I am really struggling deserializing a PHP json encoded string in ASP.NET.I am using nusoap and CakePHP 1.3 on the PHP side and mvc.net 4.0 on the web service side and everything was working well. However, I couldn't figure out how to pass a complex array as one parameter of the webservice, so I had the idea of serializing it as json and passing a simple string. So far so good...

$args['products'] = json_encode($booking['Booking']['prs_products']);
[code]...

Posted: Feb 22 at 21:32

View 1 Replies!   View Related
Visual Studio :: Passing Base64 Encoded Connection String To CreateDatabase As A Parameter?
I have an app.config defined as below:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="dataConfiguration"

[Code]....

Posted: Apr 17, 2009 07:33 PM

View 2 Replies!   View Related
Databases :: Parse String With Unknowns Encoding Type And Then Decode It To Normal Type
I have a simple website, where user could upload CSV file.

My application must parse the rows and insert them into table in the database(oracle 9)

Problem with encoding of the strings.

I don't know what encoding type has csv file, but there're can be russian characters.

hen I only parse this rows and insert them into db, after selecting data from table I see incorrect symbols (like encoding error)

My question is: how to parse string with unknowns encoding type and then decode it to normal type for inserting to the DB.

When I'm using StreamReader there're available such parameter as encoding, I using Encoding.Default value. Is it correct?

Posted: Oct 23, 2009 06:23 PM

View 4 Replies!   View Related
Why Does URLs Get Encoded In <link> Tags Within <head Runat="server"> And How To Avoid It
(I have tested this with a vanilla asp.net site running from the webdev server and it is a problem here also):

I have the following markup in my .master file

[code]....

Clearly Asp.Net does something to encode the url. As it happens, I really need the head tag to be runat="server" and I would also like to be able to have "&" in link-urls within it is there some trick I can use to have my cake and eat it too?

Posted: Jan 4 at 10:25

View 2 Replies!   View Related
MVC :: Encoded Quote (%22) In Url Path Causes Illegal Characters In Path Error?
Setting up a route like:
routes.MapRoute(
"Search",
"search/{searchText}/{id}",
new { controller = "Search", action="Index", searchText = "No Search Text", id = "" }
);
Navigating to http://localhost:51223/search/%22tomato%20paste%22

causes the following error:Illegal characters in path. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Posted: Oct 18, 2008 07:25 PM

View 2 Replies!   View Related
.NET Is Unable To Decode String When Java Can "Hi%E1" ?
My problem is with .Net Http/Uri libraries not being able to decode or unescape this character sequence: "Hi%E1". Neither Uri.UnescapeDataString nor HttpUtility.UrlDecode can do it.

Although I have a solution to get around this problem ( http://stackoverflow.com/questions/1221849/url-decoding-confusion ) I would like to understand why it is failing.

The 1st test here throws an exception! The second just fails.

Assert.That(Uri.UnescapeDataString("Hi%E1"), Is.EqualTo("Hiá"));
HttpUtility.UrlDecode("Hi%E1").ShouldBe("Hiá");

There is nothing in the docs to indicate that UnescapeDataString or UrlDecode are restricted to character sets or any reason why these tests would fail. However, from testing, it would appear that HttpUtility assumes UTF-8 (or some other) encoding.

The Java equivalent works! Probably because it allows an encoding to be set.

URLDecoder.decode("Hi%E1","windows-1252"); // this works btw, ie passes tests

Which looks like a very sensible move considering the .Net work-around (see URL above)

Are the .Net implementations of these methods just crap and .Net devs just have to write their own - or am I missing something?

BTW Everything I know of in IIS set to UTF-8, and Chinese/Japanese characters show fine, so I don't yet know how it could it be that this URI consists of windows-1252 encoded characters. If I could fix the URI to contain UTF-8 encoding, that would be a better way of fixing this.

Posted: Feb 18 10 at 23:52

View 3 Replies!   View Related
Copyright 2005-08 www.BigResource.com, All rights reserved