Currently when trying to submit transaction that contain dropdown that has text containg angular bracket as e.g. "<abcd>", I'm getting 500 internal server error since ValidateRequest=true by default and throws unhandled exception before it reached to page handler since its Cross site scripting problem.
Is there a way to intercept and modify request object in HttpModule or Glabal.asax since I know Request object is readonly.
I've been breaking head for almost three days but not able to get a concrete solution. What would be the best solution to handle these kind of scenarios. Also I don't want to encode it in client side.
I prefer to use Microsoft Anti-Cross Site Scripting Library V4.0 as it provides many helper functions to encode HTML, HtmlAttribute, JavaScript, URL, XML to restrict any cross site attacks.