3

Hi I am using Ajax HtmlEditorExtender for my one of TextBox. It is strongly recommended to use the AntiXSS Sanitizer. Following is what I added in my web.config.

<configSections>
<sectionGroup name="system.web">
            <section name="sanitizer" requirePermission="false" type="AjaxControlToolkit.Sanitizer.ProviderSanitizerSection, AjaxControlToolkit"/>
        </sectionGroup>

 </configSections>

    <system.web>
        <compilation targetFramework="3.5" debug="true"/>
        <sanitizer defaultProvider="AntiXssSanitizerProvider">
            <providers>
                <add name="AntiXssSanitizerProvider" type="AjaxControlToolkit.Sanitizer.AntiXssSanitizerProvider"></add>
            </providers>
        </sanitizer>
    </system.web>

But I got two errors in my web.config. (1) The 'targetFramework' attribute is not declared. (2) The element 'system.web' has invalid child element 'sanitizer'.

Can anyone tell me how to fix them?

GLP
  • 3,441
  • 20
  • 59
  • 91

1 Answers1

1

The targetFramework attribute was introduced in .NET 4.0, if you're getting the ... is not declared error it probably means the AppPool you're running your application under is running the .NET 2.0 framework.

To fix this you can either:

  1. In IIS, change the version of the .NET framework for the AppPool to .NET 4.0, or select a different AppPool that is configured to use .NET 4.0

    or

  2. Remove the targetFramework attribute from your web.config, in which case ASP.NET will default to whichever version the AppPool you're using is configured to use.

PhilPursglove
  • 12,511
  • 5
  • 46
  • 68
  • Just had a play with this but I can't replicate the `sanitizer` problem - can you post more about your setup? – PhilPursglove Jan 25 '12 at 14:04
  • Thank you for your reply. I am not using IIS. I run my program from VS2008. I checked the properties of my project, the targetframework is 3.5. That is why I set 3.5 in my web.config. Also, I am using AjaxControlToolKit 3.5. In order to use AntiXSS, I added references to all three DLLs, then I got AntiXSSLibrary, HtmlSanitizationLibrary and SanitizerProvider under my References. That was all I did, am I missing something? – GLP Jan 25 '12 at 14:22
  • I haven't got VS2008 installed, only 2010 :-( – PhilPursglove Jan 25 '12 at 14:29
  • So my question actually is how to config AntiXSS (come with AjaxControlToolKit3.5) with .NET 3.5. – GLP Jan 25 '12 at 15:20