

Posts in 'dotnet'

Solving the “A potentially dangerous Request.Form value was detected….” in ASP.NET MVC

Oftentimes an MVC application needs to POST back text that a user has entered into a text field or textarea. In a project I am working on I am using the TinyMCE WYSIWYG text editor to allow users to write articles. The editor allows for HTML tags such as , , , etc., and when submitting the form I have run across the infamous “A potentially dangerous Request.Form value was detected” error. So, how do you get around this? You want the user to be able to use some HTML, but you also need to secure your site against scripting attacks. Enter the [ValidateInput(false)] attribute. Adding this attribute to each of the ActionResults where you are expecting HTML tags to come in will allow the Controller to continue with the action. This will work most of the time but is not exactly bulletproof for protecting your site. By doing a string.Replace() on the incoming content, and checking for suspicious and/or malicious code, you can secure your site a bit more.
[ValidateInput(false)]

Hello Wijmo

We have recognized the power of HTML, CSS and JavaScript and have

POSTing and GETting with jQuery and MVC

The jQuery library has an extensive set of AJAX functions which make it very easy to handle website functionality with all the Ajaxy goodness you’ve come to expect. However, there are some gotchas when working with MVC, and I thought I’d take some time to talk about them. The first thing to remember is to decorate your Actions with the appropriate HTTP verbs, either [HttpPost] or [HttpGet]. By default MVC 2 only allows [HttpPost] requests when requesting a JSON response. Phil Haack has a great article on this at http://haacked.com/archive/2009/06/25/json-hijacking.aspx. In a project I am working on I want users to be able to add other users as friends, see if their friend is online, and if necessary, delete a friend. This jQuery function allows a user to add a friend:
function acceptFriend(friendId) {

Uploading photos with MVC

There are many articles online talking about MVC, but not many showing how to upload files. In a project I'm working on I need to have my users upload photographs and wanted them to be able to preview the photo before submitting it. Here's a screen shot of what I'm talking about. The application allows the user to select a photo, which is then previewed. The user can then add a caption and description of the photo. During this first round the Save button is bound to the following jQuery script:
function uploadMemberPhoto(elem) {

jQuery and MVC–Part 4, now with Wijmo!

In part three of this series I talked about how to extend jQuery with plugins, went through the steps of writing a plugin, and then demonstrated how to use it in a standard HTML page. I showed you a popular Table Sorter plugin and showed how to initialize it with different options. In this last article I will show you one more plugin, the Wijmo Grid, and how easy it is to implement its different options and features. I will also show you some of the cool things that Wijmo can do to help spruce up your web forms and pages. Going back to the Student Course Admin form I've been using for these articles, I am generating a table of student data in an ASP.NET MVC app. One thing I did add since the last article was the ability to filter the students by their first or last name. This was done by adding some JavaScript and an Ajax call which gets a new set of data from the server, then replaces the original table with the new table.
function getStudentsByName(elem) {

Charting Trendlines

Trendlines are an important tool used for analyzing data. They alert you to the general rate of increase or decrease of your Y data over your X data. A common scenario is measuring the rate of change of sales price over time. Trendlines can be used to forecast data and therefore lend themselves perfectly to data analysis.

20 Tips and Tricks for Building Gauges

In a previous blog post I discussed creating radial gauges with C1Gauge, the ultimate gauge-inator. I've worked with this control a lot, so for this post I thought I would share my knowledge and put together 20 tips and tricks that cover more topics of gauge implementation. They're in no specific order...

Thanks Philly XAML!

I have to extend a big thank-you to Philly XAML for inviting me to come talk to you last Thursday. Shout out to John Angelini for leading Philly XAML, and to Dave Isbitski and Perficient for the pizza. I hope all of you enjoyed seeing our OLAP for Silverlight components as much as I did talking about them. It's not a stretch to say this is my favorite new product, and something I wish I had a year ago in my previous job.

Filtering FlexGrid

C1FlexGrid for Silverlight and WPF now features Excel-like column filtering services. We've added this feature to the latest prerelease version of the control, and here is how it works. To use the new C1FlexGrid filtering feature, follow these steps:

How ComponentOne Web Parts Make the SharePoint 2010 Experience Better

SharePoint 2010 portals are great platforms to facilitate communication and productivity. They can be used for business intelligence reporting, performance monitoring, record tracking, data entry, and so much more. As SharePoint grows in popularity, pressure on the people responsible for creating data-powered portals increases. While SharePoint includes many convenient tools, developers often need to get involved to create complex data views or create tools where none exist.