Auto-Insert double quotes for HTML attributes broken - asp.net

In VS2008, it used to be that whenever I was typing an html attribute in an .aspx page when I hit '=' a pair of double quotes was automatically inserted and the cursor placed inside them. I guess I've changed a setting, but I don't know what to change to get that functionality back.
I am using Resharper if it makes a difference.

In VS2008. Tools -> Options -> Text Editor -> HTML -> Format -> Click "Insert attribute value quotes when typing".
Not sure how this is impacted with Resharper.

Related

Prevent auto semicolon in Visual Studio Code

I'm using the Visual Studio Code. I never want auto semicolon after CSS properties. But VS Code gives me an auto-complete option which I don't like.
How can I stop auto-complete semicolon at the end of CSS properties?
Settings > Extensions > CSS , uncheck the Complete Property With Semicolon.
or
You can change the default values in the Settings editor.
search the code & change it from true to false.
// Insert semicolon at end of line when completing CSS properties
"scss.completion.completePropertyWithSemicolon": false,
From: https://code.visualstudio.com/docs/getstarted/settings
Press Control + Shift + P in VSCode.
Search For Preferences: Open Settings (UI).
Again in the Searchbar, search for Semicolon.
Choose CSS or your preferred language from where you want to remove auto
semicolon.
Untick Insert semicolon at the end of line when completing CSS properties.
And you are done.
In Settings go to Extensions -> CSS and uncheck 'Completion: Complete Property With Semicolon'

Label html string being read by screen reader

I've got some dynamically generated html building a drop down menu using the Dojo library. I need to make my code Accessibility compliant and right now the screenreader looks at the menu item and reads it as plain html:
menu.addChild(new MenuItem({
label: "<a onclick=window.location.href='sampleurl.com'
href="sampleurl.com">Sample Link</a> ...
Excuse the onclick, it's for a different issue, but what I'm getting is basically:
Tab down to first menu item
Screenreader: "Less than a onclick equals window dot location dot href equals sampleurl"... etc
I've tried using aria-hidden, but the screen reader just reads that as text, I'm using voice over on Mac OS, but I need it compliant for JAWS as well. Any tips or advice? Thanks!
label is used for the label (which can be in HTML), not for putting the full link html tag.
See on the following page how to use the Dojo library to generate menu items:
https://dojotoolkit.org/reference-guide/1.10/dijit/Menu.html
Example:
menu.addChild(new MenuItem({
label: "Sample Link",
onclick: function() {window.location.href='sampleurl.com';}}));
This would be easier to debug with a working example along with something stating what screen reader / browser combo you are using. At the bare minimum, show us the HTML output of your script, considering it is writing HTML for the screen reader to parse.
That being said, I suspect the missing / inconsistent quotes. Note that you start a string with double quotes, then go into the onclick attribute with no quotes around, then single quotes around its value, and then use double quotes around the href.
Alternatively, you are writing the entire string into the page and somehow HTML encoding it.
I suggest using a linting tool to check your JS.

vs2010 - shortcut for surrounding a String by double quotes

I used to work with a developer who, selects a text in aspx page and applies a keyboard shortcut to enclose it in double quotes.
Eg: runat=server. when i select server and press ctrl+somekey, it should be runat="server"
Could someone tell me what is the keyboard shortcut, i tried googling a lot, but couldnt find one..
Currently we are overhauling a page, and need this badly...
Thanks in advance.
As far as I know this is a setting in Visual Studio which enables you to immediatelly place quotes when you type attribute and press equals sign or if you type a few letter and press CTRL+Space. This will autocomplete the attribute and place quotes. In order to enable the quotes click on Tools then Options. If it is not checked, check Show all settings. Expand Text Editor, then HTML and click on Formatting. On the right side enable Insert attribute values quote when typing and Insert attribute value quotes when formatting
Format selection: ctrl+k, ctrl+f
I also have Tools > Options > HTML > Formatting > Insert attribute value quotes when formatting checked.
I think you should try this with the replace function
search : runat=server
replace: runat="server"
The developer may have been using a refactoring tool such as CodeRush or Resharper. Have a look at this link for how you may be able to do something similar without extra tools.

weird Ajax ComboBox drop down list

I've got combobox inside some panel :
<ajaxToolkit:ComboBox
ID="YearList"
runat="server"
OnInit="YearList_Init1"
EnableTheming="false"
Width="45px"
ViewStateMode="Disabled" />
and it was OK before I updated project to .NET 4 , after updating project (And AJAX) to .net4 it's looking like really strange ... I can't explain it proper , I will show :
how can I fix it ? :) Full CSS / ASPX page here -> https://github.com/nCdy/Issues/tree/master/Ajax%20ComboBox (string # 287)
I had a similar issue and could resolve mine by removing the extender that I had added to the Panel containing the combobox. I had used a DropShadowExtender for the Panel, removing it caused the combobox to be displayed perfectly. Perhaps you can try that as well.
i am seeing a lot of texts like
Контрактный час
:
, every where in your form. So i need to know, are you using some sort of encoding , that is, is this placed by you or came unexpectedly. If you havent placed it, remove all unneccessary such lines and use plain text instead (if required). Then check the layout.
Also in your image, i can see , ur language is russian(if i am right :)). So try using your localized font that is direcly supported by aspx as we use english or better use resource file instead of the hardcoded text on the page. As per my view the language conversion is creating such issue.

Input Validation When Using a Rich Text Editor

I have an ASP.NET MVC application and I'm using CKEditor for text entry. I have turned off input validation so the HTML created from CKEditor can be passed into the controller action. I am then showing the entered HTML on a web page.
I only have certain buttons on CKEditor enabled, but obviously someone could send whatever text they want down. I want to be able to show the HTML on the page after the user has entered it. How can I validate the input, but still be able to show the few things that are enabled in the editor?
So basically I want to sanitize everything except for a few key things like bold, italics, lists and links. This needs to be done server side.
How about AntiXSS?
See my full answer here from similar question:
I have found that replacing the angel
brackets with encoded angel brackets
solves most problems
You could create a "whitelist" of sorts for the html tags you'd like to allow. You could start by HTML encoding the whole thing. Then, replace a series of "allowed" sequences, such as:
"<strong>" and "</strong>" back to "<strong>" and "</strong>"
"<em>" and "</em>" back to "<em>" and "</em>"
"<li>" and "</li>" back to ... etc. etc.
For things like the A tag, you could resort to a regular expression (since you'd want the href attribute to be allowed too). You would still want to be careful about XSS; someone else already recommended AntiXSS.
Sample Regexp to replace the A tags:
<a href="([^"]+)">
Then replace as
<a href="$1">
Good luck!

Resources