Email Address Validation for ASP.NET

asp.net validation email
Brian G picture Brian G · Oct 8, 2008 · Viewed 235.2k times · Source

What do you use to validate an email address on a ASP.NET form. I want to make sure that it contains no XSS exploits.

This is ASP.NET 1.1

Answer

WebDude picture WebDude · Oct 8, 2008

Any script tags posted on an ASP.NET web form will cause your site to throw and unhandled exception.

You can use a asp regex validator to confirm input, just ensure you wrap your code behind method with a if(IsValid) clause in case your javascript is bypassed. If your client javascript is bypassed and script tags are posted to your asp.net form, asp.net will throw a unhandled exception.

You can use something like:

<asp:RegularExpressionValidator ID="regexEmailValid" runat="server" ValidationExpression="\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*" ControlToValidate="tbEmail" ErrorMessage="Invalid Email Format"></asp:RegularExpressionValidator>

Related questions

A potentially dangerous Request.Form value was detected from the client

Every time a user posts something containing < or > in a page in my web application, I get this exception thrown. I don't want to go into the discussion about the smartness of throwing an exception or crashing an …

Read More
ASP.NET Custom Validator Client side & Server Side validation not firing

This has not happened to me before, but for some reason both the client and server side validation events are not being triggered: <asp:TextBox ID="TextBoxDTownCity" runat="server" CssClass="contactfield" /> <asp:CustomValidator ID="CustomValidator2" runat="server" …

Read More
Date validation with ASP.NET validator

I'm trying to use an ASP.NET RangeValidator to validate a date on a textbox. The format of the date entered on the textbox is dd MMMM yyyy. How can I use the range validator to validate a valid date? …

Read More