From: Dominick Baier (db@die-lounge.com)
Date: Fri Mar 26 2004 - 03:29:35 EST
Hi,
some other info...
per default each asp.net webform (1.1) has a implicit property
"ValidateRequest" which is set to true. you can set this property at
machine, application and page level.
If this is on - asp.net will check for <SCRIPT> (and maybe other tags) in
query strings, form fields and cookies.
however there is a bug in asp.net 1.1 with null characters :
won't work
http://foo.bar/search.aspx?term=