Reputation: 229
I am working on an ASP.NET WebForms app. The client creates an XML string through an Excel macro. He/she wants to copy-paste this XML into the application in a multiline textbox. On the click of a button, the XML needs to be parsed and inserted into a Word template. I haven't worked with XML before and I'm not really sure if this can be done. Forget about the redundancy of doing this. This is a business request. I suggested having the XML in a file and using a file upload control, so I could load the XML and insert it into Word.
Initially I tried:
```aspx
<asp:TextBox ID="XMLTxt" runat="server" TextMode="MultiLine"></asp:TextBox>
<asp:Xml ID="XMLComp" runat="server" ></asp:Xml><br />
<asp:Button ID="XMLBtn" runat="server" Text="Parse XML" OnClick="XMLBtn_Click"/>
```
In the code-behind I haven't added anything in the XMLBtn_Click method. I was thinking that, when I copy the XML into the textbox and click on the button, since I don't have anything in the method, it shouldn't do anything.
However I'm getting this error:
```
A potentially dangerous Request.Form value was detected from the client
(LoginView1$XMLTxt="<?xml version="1.0" ...").
```
So I'm inclined to believe that it's not doable like this and I need to do it differently.
What I want is that when I click on the button, all the XML goes into a string which I can append to my Word document and, hopefully, that data will be displayed all right in the Word document. But I'm pretty sure it's a long stretch and I'm missing some information.
Upvotes: 0
Views: 67
Reputation: 853
ASP.NET validates form data to prevent XSS injections. Since an XML document contains `<` and `>` symbols, it does not pass validation. See "A potentially dangerous Request.Form value was detected from the client" for details.
In general, I would not recommend you disable the validation even for a single page because it opens a large hole in your site security. I suggest you either encode the specific symbols before a form is submitted (e.g. on the onsubmit event). Then decode it on the client side and save into the document.
Alternatively, you can provide your end-users a capability to insert an XML directly into the document by themselves. For example, the third-party RichEdit control allows online editing.
Upvotes: 1
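The encode-before-submit approach suggested in the answer above, as an added example (not code from either poster): `encodeForPost` runs in the browser on submit and `decodeAfterPost` is its exact inverse. The function names, the `looksDangerous` approximation of the request validation check and the sample XML are assumptions made for illustration.

```javascript
// Added example: entity-encode XML before the form posts, decode it afterwards.
// Function names are hypothetical; the sample XML is constructed.

// Approximates what ASP.NET request validation rejects: '<' followed by a
// letter, '!', '/' or '?', and the sequence '&#'.
function looksDangerous(value) {
  return /<[a-zA-Z!\/?]|&#/.test(value);
}

// '&' is escaped first so entities already present in the XML survive the round trip.
function encodeForPost(xml) {
  return xml
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;');
}

// Exact inverse: '&amp;' is restored last so '&amp;lt;' becomes '&lt;', not '<'.
function decodeAfterPost(encoded) {
  return encoded
    .replace(/&lt;/g, '<')
    .replace(/&gt;/g, '>')
    .replace(/&amp;/g, '&');
}

// Browser wiring: rewrite the textarea value just before submission.
// Pass the rendered elements; WebForms changes client-side ids inside containers.
function attachEncoder(form, textarea) {
  form.addEventListener('submit', function () {
    textarea.value = encodeForPost(textarea.value);
  });
}

// Constructed sample resembling the pasted macro output.
const sampleXml =
  '<?xml version="1.0"?>\n<report><item note="a &lt; b &#38; c">R&amp;D</item></report>';
```

The decoded string is still untrusted input, so parse it with DTD processing disabled before inserting anything into the document.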