我试图找出是否有办法避免让ASP.NET的regularrexpressionvalidation使用JavaScript来呈现用作客户端验证的正则表达式。避免此类事情的原因是为了防止用户猜测表单的算法以确定数据是否有效。
<asp:RegularExpressionValidator id="vldEmail" runat="server"
ErrorMessage="This email is missing the @ symbol."
ValidationExpression=".+@.+" ControlToValidate="txtEmail"></asp:RegularExpressionValidator>
</asp:Content>
JavaScript显示正则表达式算法。
//<![CDATA[
var ContentPlaceHolder1_vldEmail = document.all ? document.all["ContentPlaceHolder1_vldEmail"] : document.getElementById("ContentPlaceHolder1_vldEmail");
ContentPlaceHolder1_vldEmail.controltovalidate = "ContentPlaceHolder1_txtEmail";
ContentPlaceHolder1_vldEmail.errormessage = "This email is missing the @ symbol.";
ContentPlaceHolder1_vldEmail.evaluationfunction = "RegularExpressionValidatorEvaluateIsValid";
ContentPlaceHolder1_vldEmail.validationexpression = ".+@.+";
//]]>
答案 0 :(得分:1)
将EnableClientScript设置为false。这将阻止脚本在客户端上呈现。