While .NET does a lot of great security things for us one of the things it lacks is an easy way to do input validation. To that end I created a control with some common validations built right in (note that these are server side validations that are only evaluated on post back).

It is easy to provide your own custom validation  as well:

By default if validation fails the control will throw an exception upon postback. You can change this behaviour by changing the notification type to raise an event or do nothing (doing nothing is not recommended and is in place in case you wish to temporarily disable validation).

I also built a http module for this project that will throw an exception if a textbox is found on any page before it is sent to the browser. This forces me to use the validating text box all the time (which I should be doing anyway). This is more of a development module and I would remove it for production myself to avoid the performance impact of inspecting every form before it is sent to the browser.

<httpModules>
  <add type="Solidhouse.Validation.WebControls.ValidationEnforcementModule, 
  Solidhouse.Validation.WebControls" name="ValidationEnforcementModule" />
</httpModules>

TODO
-Add logging functionality. There will be a dialog where you can add logging channels upon a validation error. This is helpful to spot either a validation that is too restrictive or to see if someone is trying to exploit your site.

Again this is alpha software I came up a few nights back so use at your own risk. All feedback is appreciated.