Reputation: 3675
How to config AntiXSS with .Net 3.5?
Hi I am using Ajax HtmlEditorExtender for my one of TextBox. It is strongly recommended to use the AntiXSS Sanitizer. Following is what I added in my web.config.
<configSections>
<sectionGroup name="system.web">
<section name="sanitizer" requirePermission="false" type="AjaxControlToolkit.Sanitizer.ProviderSanitizerSection, AjaxControlToolkit"/>
</sectionGroup>
</configSections>
<system.web>
<compilation targetFramework="3.5" debug="true"/>
<sanitizer defaultProvider="AntiXssSanitizerProvider">
<providers>
<add name="AntiXssSanitizerProvider" type="AjaxControlToolkit.Sanitizer.AntiXssSanitizerProvider"></add>
</providers>
</sanitizer>
</system.web>
But I got two errors in my web.config. (1) The 'targetFramework' attribute is not declared. (2) The element 'system.web' has invalid child element 'sanitizer'.
Can anyone tell me how to fix them?
Upvotes: 3
Views: 4539
Answers (1)
Reputation: 12589
The targetFramework attribute was introduced in .NET 4.0, if you're getting the ... is not declared error it probably means the AppPool you're running your application under is running the .NET 2.0 framework.
To fix this you can either:
In IIS, change the version of the .NET framework for the AppPool to .NET 4.0, or select a different AppPool that is configured to use .NET 4.0
or
Remove the
targetFrameworkattribute from your web.config, in which case ASP.NET will default to whichever version the AppPool you're using is configured to use.
Upvotes: 1
Related Questions
- Microsoft AntiXSS Alternative
- How to use AntiXSS library in ASP.NET 4.5
- How to use Microsoft AntiXss 4.x?
- How to write in asp.net web.config httpRuntime for 3.5 framework
- How to Include Anti-XSS in ASP.Net 2.0 Without Visual Studio
- Using MS Anti XSS library for sanitizing HTML
- System.Web.Security.AntiXss missing methods
- Microsoft AntiXSS wpl using in asp.net mvc3 applicaton
- How to use AntiXss in my Project?
- AntiXss library not working well