I have this site with a lot of form pages in it. Now I would like to clean the request.form values in order to avoid malicious code injections. Since I don't want to go page by page and repeat writing the code to clean the values, I would like to do something generic for the site. So I have this module which is included in all my pages, and there I want to go over the request.form values and clean them from illegal characters. So the code looks like: for each x in Request.Form Request.Form(x)=replace(Request.Form(x),">"," ") next Code (markup): which means that I want to replace the ">" character with " " (empty string). The thing is that I cannot override the request.form value. I'm getting this error: Microsoft VBScript runtime error '800a01b6' Object doesn't support this property or method: 'Request' Does ASP prevents this override? I know that with PHP you can override the $_POST values. Can someone here suggest how to workaround it? TX, loolweb guy.