Using the ValidateRequest="false" on the page will remove the error message but also open up hacking attacks. See this link for more information: http://www.cryer.co.uk/brian/mswinswdev/ms_vbnet_server_error_potentially_dangerous.htm
I am using asp.net. I wrote a vb class that filters out some of the text that might be used to hack into the system. I hope this helps as I am a beginner programmer myself:
Public
Function strip_Active_Requests(ByVal strOriginal As String) As String
strip_Active_Requests =
""
strip_Active_Requests = strOriginal.Replace(
"<%", "<p")
strip_Active_Requests = strip_Active_Requests.Replace("%>", "p>")
strip_Active_Requests = strip_Active_Requests.Replace("<%@", "<")
' Below section looks for word "Script" then filters it out. Use this section becasue ".Replace" is case sensitive. And will not pick up works like "Script" or "scrIpt"
Dim strLen As Long, intStep As Long
Dim ComparedString As String, strLookFor As String, LookForLen As Integer
strLen = Len(strOriginal)
strLookFor =
"script"
LookForLen = Len(strLookFor)
For intStep = 1 To strLen
ComparedString = Mid(strOriginal, intStep, LookForLen)
If ComparedString.ToUpper = strLookFor.ToUpper Then
strip_Active_Requests = strip_Active_Requests.Replace(ComparedString,
"")
Else
'No Matches
End If
Next
' Below section looks for word "runat" then filters it out. Use this section becasue ".Replace" is case sensitive. And will not pick up works like "Script" or "scrIpt"
strLookFor =
"runat"
LookForLen = Len(strLookFor)
For intStep = 1 To strLen
ComparedString = Mid(strOriginal, intStep, LookForLen)
If ComparedString.ToUpper = strLookFor.ToUpper Then
strip_Active_Requests = strip_Active_Requests.Replace(ComparedString,
"")
Else
'No Matches
End If
Next
End Function
I know that others out there may have a better solutions. Please let me know if you have one!
Mr. Bill