HtmlEncode & Db field length
-
Hi, I read in an MSDN article that we have to encode user input using HtmlEncode for security reasons. I used to do this many projects, but recently I encountered an issue. When the text is encoded it sometimes becomes huge that it exceeds the field length in database and db throws exception. This is normal I suppose, is giving more length to db fields only solution for this? Regards, Blumen
“The thing for you is a burial permit. You have only to speak and I will see that you get it.”
-
Hi, I read in an MSDN article that we have to encode user input using HtmlEncode for security reasons. I used to do this many projects, but recently I encountered an issue. When the text is encoded it sometimes becomes huge that it exceeds the field length in database and db throws exception. This is normal I suppose, is giving more length to db fields only solution for this? Regards, Blumen
“The thing for you is a burial permit. You have only to speak and I will see that you get it.”
Generally we do HTMLEncode when you need to disable javascripts to be running on the browser when it is shown in the web page. I would suggest you to HTMLEncode before showing on the page rather than doing it while storing data into the database. Why do you need to store the encoded string on the database.
Abhishek Sur
-
Generally we do HTMLEncode when you need to disable javascripts to be running on the browser when it is shown in the web page. I would suggest you to HTMLEncode before showing on the page rather than doing it while storing data into the database. Why do you need to store the encoded string on the database.
Abhishek Sur
-
I encode data from Textboxes before saving them in database
“The thing for you is a burial permit. You have only to speak and I will see that you get it.”
Dont Encode before saving them in database. Rather, you should encode after you fetch from the database.
Abhishek Sur