Reputation: 1776
Detect offending text in MVC model binding
I am using MVC 5. I find that text input that contains email addresses written as John Doe<[email protected]> is detected as malicious text and is not submitted to the controller. This is a great security feature.
However, the problem is that the form remains frozen, i.e. the user gets no indication that some specific text is blocking form submission. I would like to be able to alert the user about the offending text so they can potentially correct it. For example, when including email addresses, I find that writing the address as John Doe([email protected]) is a simple fix and leads to successful model binding and form submission.
How to detect the specific instances of text input that MVC detects as potentially malicious text and give the user some indication to fix input.
Upvotes: 0
Views: 107
Answers (1)
Reputation: 36
You can use regular express to validate email address. Enable client side validation, so user will get message when s/he tried to enter such characters.
Upvotes: 1
Related Questions
- How can I detect an overposting attack in ASP.MVC during model binding?
- Control SQL injection in MVC
- asp.net MVC prevent sql injection
- User Input Check Before Insert to Database
- MVC 4 SQL string injection Security
- MVC 5 security concern related to viewmodel XSS, SQL Injection
- Avoiding an Sql injection attack
- Reliably handle ASP.NET MVC model binding errors
- ASP.NET MVC: Simple SQL Injection security
- asp.net MVC HTML injection