asp.net - Prevent special characters in a TextBox

Question

I want to prevent users from entering url's (like a href="") in a TextBox.

I want to use a regular expression validator but no idea what to write?

How can I do it?

Answer 1

javascript + regex will do this, but there's no standard code method I can point you to.

The important thing to remember, though, is that no matter what you do, you can't prevent users from submitting a request to your server with the bad stuff in it. That means anything you do on the client web browser with javascript is only a band-aid and is there to help your users know where the lines are. It's not the real security code. The real security code must be on your server. That's where you need to know how to handle things like web addresses entered in a textbox.