Tags: asp.net-mvc-2, markitup, javascript-injection

How do I protect my website from JavaScript injection attacks when using rich text editors?


Hi all, I am using the markitup editor to get the value for one of my fields and storing it in a SQL Server 2008 DB. Now I guess the problem is people having script tags and JavaScript in the editor and injecting malicious scripts, and I have my validate input turned false. So can anyone suggest a way to write a custom validation method that maybe checks for script tags and removes them, or just guide me through the steps I need to do? Also, are there other things that I should be worried about?


Solution

  • This has some good suggestions: handle javascript injection in asp.net mvc
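
As an added example (not part of the original question or answer): a server-side allowlist sanitizer for the posted editor value, shown next to the script-tag stripping the question asks about so the difference is visible. It assumes the project can reference the HtmlSanitizer NuGet package (`Ganss.Xss`); the class name, method names and sample inputs are constructed for illustration.

```csharp
using System;
using System.Text.RegularExpressions;
using Ganss.Xss; // HtmlSanitizer NuGet package (assumption: available to the project)

public static class RichTextCleaner
{
    // Allowlist: only the formatting the editor field actually needs.
    private static readonly string[] Tags =
        { "p", "br", "b", "strong", "i", "em", "u", "ul", "ol", "li", "blockquote", "pre", "code", "a" };

    private static HtmlSanitizer Build()
    {
        var s = new HtmlSanitizer();
        s.AllowedTags.Clear();
        foreach (var t in Tags) s.AllowedTags.Add(t);
        s.AllowedAttributes.Clear();
        s.AllowedAttributes.Add("href");   // no style attribute, no on* event handlers
        s.AllowedSchemes.Clear();
        s.AllowedSchemes.Add("http");      // links may only point at http(s) URLs
        s.AllowedSchemes.Add("https");
        s.AllowedCssProperties.Clear();
        return s;
    }

    // Call this on the posted editor value before saving it to the database.
    public static string Clean(string editorHtml)
    {
        return Build().Sanitize(editorHtml ?? string.Empty);
    }

    // The approach asked about in the question, kept only for comparison.
    public static string StripScriptTagsOnly(string editorHtml)
    {
        return Regex.Replace(editorHtml ?? string.Empty, @"<script\b.*?</script\s*>", "",
            RegexOptions.IgnoreCase | RegexOptions.Singleline);
    }

    public static void Main()
    {
        // Constructed sample inputs, not taken from the page.
        string[] samples =
        {
            "<p>Hello <b>world</b></p><script>alert(1)</script>",
            "<p onmouseover=\"alert(1)\">hover</p>",
            "<a href=\"javascript:alert(1)\">link</a>"
        };
        foreach (var html in samples)
            Console.WriteLine("{0}\n  script-strip: {1}\n  allowlist:    {2}",
                html, StripScriptTagsOnly(html), Clean(html));
    }
}
```

Keep `[ValidateInput(false)]` on the single action that receives the editor field, and HTML-encode every other value when rendering; only the output of `Clean` should be written to the page unencoded.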