Tags

,

I am sure I have came across this before. In Asp .net 2.0, a readonly textbox value will not be passed if it is set by Javascript. To get the value you will just manually read the value from the request headers (this.TextBox1.Text = Request[this.TextBox1.UniqueID];), which poses a security risk and introduces the problem that 2.0 addresses.

With 2.0, the TextBox control’s ReadOnly property’s behavior has changed slightly. From the technical docs:

The Text value of a TextBox control with the ReadOnly property set to true is sent to the server when a postback occurs, but the server does no processing for a read-only text box. This prevents a malicious user from changing a Text value that is read-only. The value of the Text property is preserved in the view state between postbacks unless modified by server-side code.

Advertisements