I've tried looking at the Microsoft site and Googling this but nobody seems to have an answer aside from the < and the >. There's more to it than that though. I've noticed that the HTML entity starter of &# is invalid. Is there anything else? Does anyone have a complete list?
Thanks!
List of characters by framework version
1.1 Framework Validation:
* &#
* <alpha, <!, </
* script
* On handlers like onmouseenter, etc…
* expression(
* Looks for these starting characters (‘<’, ‘&’, ‘o’, ‘O’, ‘s’, ‘S’, ‘e’, ‘E’)
This is obviously a pretty strict list of items that would trigger a validation error. In the 2.0 Framework, Microsoft decided to loosen the restrictions on this quite a bit. Below is the list of validation checks in the 2.0 Framework.
2.0 Framework Validation:
* &#
* <alpha, <!, </, <?
* Looks for these starting characters (‘<’, ‘&’)
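An added example, not code from the answer or from Microsoft: a small C# model of the 2.0 checks exactly as listed above, for seeing which form input would trip request validation. The class and method names are hypothetical, and reading "alpha" as ASCII letters is an assumption.

```csharp
using System;

// Model of the 2.0 checks as listed in the answer above; not Microsoft's code.
static class RequestValidationModel
{
    // The two starting characters the 2.0 list says the scan looks for.
    static readonly char[] StartChars = { '<', '&' };

    // Returns the index of the first sequence the list flags, or -1 if none.
    public static int FirstFlaggedIndex(string value)
    {
        if (string.IsNullOrEmpty(value)) return -1;
        int i = 0;
        while (true)
        {
            int n = value.IndexOfAny(StartChars, i);
            if (n < 0 || n == value.Length - 1) return -1; // nothing follows it
            char next = value[n + 1];
            if (value[n] == '<')
            {
                // <alpha, <!, </, <?  ("alpha" assumed to mean ASCII letters)
                bool asciiLetter = (next >= 'a' && next <= 'z') || (next >= 'A' && next <= 'Z');
                if (asciiLetter || next == '!' || next == '/' || next == '?') return n;
            }
            else if (next == '#')
            {
                return n; // &#
            }
            i = n + 1; // keep scanning after a start character that was harmless
        }
    }
}

static class Program
{
    static void Main()
    {
        // Constructed sample inputs.
        string[] samples = { "a < b", "<b>bold</b>", "R&D", "&#60;", "<!-- x -->", "<?xml", "3<4" };
        foreach (string s in samples)
        {
            int at = RequestValidationModel.FirstFlaggedIndex(s);
            Console.WriteLine("{0,-14} {1}", s, at < 0 ? "passes" : "flagged at index " + at);
        }
    }
}
```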
I don't have a complete list, but why do you need it? You can set ValidateRequest=false and prevent script injection yourself.
Maybe you will find the list here: Allowing percents, angle-brackets, and other naughty things in the ASP.NET/IIS Request URL