I can't work out why the first characters of all the labels on my asp login forms are showing in italics:
The code looks like this:
<asp:login DestinationPageUrl="blah.aspx" runat="server" usernamelabeltext="Email Address" ></asp:login>
When I inspect it using firebug it shows that the first characters are being enclosed in tags, like so:
<label for="ctl00_ctl00_ctl00_ContentPlaceHolderDefault_wwContentArea_ctl03_UserName">
<em>E</em>
mail Address
</label>
...
<label for="ctl00_ctl00_ctl00_ContentPlaceHolderDefault_wwContentArea_ctl03_Password">
<em>P</em>
assword:
</label>
Does anyone know what may be causing this? I thought it might have been something to do with access keys (if I press alt+e then it focuses to the email text box) but I cant work out how to stop this.
For me, it was because I was using the CSS Friendly Control Adapters. Since my primary motivation for installing them was for the menu control adapter, I've disabled the login control adapter.
Open the CSSFriendAdapters.browser in the App_Browsers folder.
Comment out the LoginAdapter, like so:
<!--<adapter controlType="System.Web.UI.WebControls.Login" adapterType="CSSFriendly.LoginAdapter" />-->
There's probably a way to get the advantages of the CSS adapter without the italics.
I can't answer why it was doing it, but I've managed to work around it.
With the line of code still as follows:
<asp:login DestinationPageUrl="/schools/what-works/whatworkssearch.aspx" runat="server" usernamelabeltext="Email Address"></asp:login>
This is what the control looked like in designer view:
Although there are no italics shown, it was being rendered with the first characters in italics as I described in my question. To get around this I converted the control to a template like so:
This created a template that shows the labels for the login fields and therefore I could remove the italics tags.
Although this doesn't answer why it was behaving like this for the single line of code, it shows how to get around it.
You may want to check the AccessKey property of the login control and the individual controls pasted within the login section such as Label, TextBox and buttons. By removing the AccessKey value should fix the issue.
Related
This is happening on an asp.net webforms application, using Chrome Version 72.0.3626.109 (Official Build) (64-bit).
The site is password-protected. The user logs in with a username and password. After a successful login the user is redirected to the "Loan Search" page. The Loan Search page contains a handful of text inputs.
The problem is Chrome will autofill my username into one of the text inputs (see image). "tregan" is the username I entered into the login page.
Chrome always selects this particular text input to autofill the username ("Contact Mailing Address"). This is happening to myself and several dozen other users of our web site.
Any idea why Chrome is doing this autofill, and is there anything I can do to prevent it? I cleared my Chrome autofill cache, but that did not fix the problem.
The answer is to add an invisible text input to the asp.net form called "username".
Several years ago we were having the same problem with a different input. The answer was to add an invisible input of type "password", as explained in this SO answer, scroll down to the phrase "It is so simple and tricky...":
Disabling Chrome Autofill
Below is the complete fix, I added these two elements inside the form element in our site's master page. Per #Jeff_Mergler's comment below, put these inputs at the top of your form tag:
<input type="text" id="username" style="width:0;height:0;visibility:hidden;position:absolute;left:0;top:0" />
<input type="password" style="width:0;height:0;visibility:hidden;position:absolute;left:0;top:0" />
Some more ways to try to workaround this:
Add autocomplete="off" to the <form> and/or to the <input>
Change the field's name/id
to something that does not have "name" or "user" in it
If it is not already inside <form> wrap the element with empty <form> tag
Randomize the name attribute of the input, or use data-name instead of name. You'll have to change the code that process the data accordingly.
Also I think it'll help to report this issue to Google via ⋮→Help→Report an issue (or Alt+Shift+I) to encourage them to fix these issues.
I was facing the same issue, i found a fix by wrapping my div inside a form tag and added a property autocomplete="off" in the form tag.
......
.....
Same here. This needs to be resolved by chrome. This is just dumb to have to add tags around textboxes. Also, quick tip to anyone needing to add form tag without having to re-do your CSS. Add "display:contents;" to the form. It will act as if its not even there.
I've got combobox inside some panel :
<ajaxToolkit:ComboBox
ID="YearList"
runat="server"
OnInit="YearList_Init1"
EnableTheming="false"
Width="45px"
ViewStateMode="Disabled" />
and it was OK before I updated project to .NET 4 , after updating project (And AJAX) to .net4 it's looking like really strange ... I can't explain it proper , I will show :
how can I fix it ? :) Full CSS / ASPX page here -> https://github.com/nCdy/Issues/tree/master/Ajax%20ComboBox (string # 287)
I had a similar issue and could resolve mine by removing the extender that I had added to the Panel containing the combobox. I had used a DropShadowExtender for the Panel, removing it caused the combobox to be displayed perfectly. Perhaps you can try that as well.
i am seeing a lot of texts like
Контрактный час
:
, every where in your form. So i need to know, are you using some sort of encoding , that is, is this placed by you or came unexpectedly. If you havent placed it, remove all unneccessary such lines and use plain text instead (if required). Then check the layout.
Also in your image, i can see , ur language is russian(if i am right :)). So try using your localized font that is direcly supported by aspx as we use english or better use resource file instead of the hardcoded text on the page. As per my view the language conversion is creating such issue.
I have my form fields in a Panel which, if a read-only version is required, I set Enabled = False on the Panel. This was quick and dirty and the results are mostly dirty, mostly in IE. Can't scroll through large ListBoxes. Multi-line TextBoxes only show the first few lines. There's some funky styling to disabled Labels.
Do you have any ideas as to how to disable an entire form, letting the user read the data, visually indicating that it is disabled (gray input or text in place of input), but to the server keep the control disabled so it's not loading any data that could be manipulated by enabling fields by nefarious means.
(Also, I'm hoping I don't have to add a label corresponding to each data field.)
You could remove all the buttons and use jQuery to change the background color on all inputs. This would be a quick and easy solution.
$(':input').addClass('disabled');
You can have your fields assigned the readonly attribute, ie:
<input type="text" name=myText value="Enter Your Name" readonly>
This can easily be done with js but is more robust if done right in html.
You could also disable or even remove the submit button.
I would use the ASP web controls. The TextBox for the input type="text".
All web controls have the enabled property
<asp:TextBox id="txtSomething" runat="server" />
You can now enable/disable all controls from code like you do today (for the panel). But you have to do it for every one (I don´t know how many you have).
txtSomething.Enabled = False
You can also do this with JavaScript.
Loop all elements in the form, and disable/enable them.
function DisableEnableForm(myForm,setDisable){
elems = myForm.elements;
for(i=0;i<elems.length;i++){
elems[i].disabled = setDisable;
}
}
You can trigger this JavaScript function from ASP like this:
Button1.Attributes.Add("onclick", "javascript:DisableEnableForm(´form1´,true)");
I have an ASP.NET MVC application and I'm using CKEditor for text entry. I have turned off input validation so the HTML created from CKEditor can be passed into the controller action. I am then showing the entered HTML on a web page.
I only have certain buttons on CKEditor enabled, but obviously someone could send whatever text they want down. I want to be able to show the HTML on the page after the user has entered it. How can I validate the input, but still be able to show the few things that are enabled in the editor?
So basically I want to sanitize everything except for a few key things like bold, italics, lists and links. This needs to be done server side.
How about AntiXSS?
See my full answer here from similar question:
I have found that replacing the angel
brackets with encoded angel brackets
solves most problems
You could create a "whitelist" of sorts for the html tags you'd like to allow. You could start by HTML encoding the whole thing. Then, replace a series of "allowed" sequences, such as:
"<strong>" and "</strong>" back to "<strong>" and "</strong>"
"<em>" and "</em>" back to "<em>" and "</em>"
"<li>" and "</li>" back to ... etc. etc.
For things like the A tag, you could resort to a regular expression (since you'd want the href attribute to be allowed too). You would still want to be careful about XSS; someone else already recommended AntiXSS.
Sample Regexp to replace the A tags:
<a href="([^"]+)">
Then replace as
<a href="$1">
Good luck!
What is the best way to keep an asp:button from displaying it's URL on the status bar of the browser? The button is currently defines like this:
<asp:button id="btnFind"
runat="server"
Text="Find Info"
onclick="btnFind_Click">
</asp:button>
Update:
This appears to be specific to IE7, IE6 and FF do not show the URL in the status bar.
I use FF so never noticed this, but the link does in fact appear in the status bar in IE..
I dont think you can overwrite it :( I initially thought maybe setting the ToolTip (al la "title") property might do it.. Seems it does not..
Looking at the source, what appears is nowhere to be found, so I would say this is a browser issue, I don't think you can do anything in code.. :(
Update
Yeah, Looks like IE always posts whatever the form action is.. Can't see a way to override it, as yet..
Perhaps try explicitly setting it via JS?
Update II
Done some more Googleing. Don't think there really is a "nice" way of doing it.. Unless you remove the form all together and post data some other way..
Is it really worth that much? Generally this just tends to be the page name?
I don't see a link, I see this:
javascript:__doPostBack('btn','');
EDIT: Sorry, was looking at a LinkButton, not an ASP:Button. The ASP:Button shows the forms ACTION element like stated.
But, if you are trying to hide the DoPostBackCall, the only way to do that is to directly manipulate window.status with javascript. The downside is most browsers don't allow this anymore.
To do that, in your page_load add:
btnFind.Attributes.Add("onmouseover","window.status = '';");
btnFind.Attributes.Add("onmouseout","window.status = '';");