Every time I come back the data to the user, I see that .NET automatically encode data, to prevent malicious script.
So why ValidateRequest?
according to asp.net: http://www.asp.net/whitepapers/request-validation this method is used to prevent some script-injection attacks .. the network is full of attackers so you should encode the data even if .NET automatically do it
%uff1c
SQL server must save it as %uff1c
, it shouldnt encode it automatically :O. Or, at least, it should encode %uff1c
by the encoding choosed by admi - markzzz 2012-04-04 10:14