DataGrid and Htmlencode

M

Michal Raatz

Welcome.
I have a common problem with the datagrid: when the data source contains
html tags (<script>document.location.href='www.badsite.com'</script> for
example) the page with the datagrid becomes unsafe. I have found two
possible solutions in the net:
- using template columns and HTMLEncode
- using ItemCreated event of the datagrid
Both method works but the grid grows drasticly. And when I have
dynamicly created SQL query, used with AutoGenerateColumns property the
above methods do not apply.

I think the better solution is extending the datagrid in such way, that
the ServerHTML encode will be called on every bound column (without touching
hyperlink , template, etc columns). The problem is that I have to little
experience in writting controls to manage that. I don't know which methods
should be ovverriden and how. I think, something like "CreateItem" or
"InitializeItem" - but I'm totally mixed.
Could you point me in the right direction? (absolutly don't want the
ready code, I just need some ideas)

Regards
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,995
Messages
2,570,233
Members
46,820
Latest member
GilbertoA5

Latest Threads

Top