Menu
I have one asp.net application, which has some problems while i am entering the special characters such as ": &#, " in the search box. If i enter this text in search box, i got the exception like this.
A potentially dangerous Request.Form value was detected from the client (txtValue=": &#, ").
then i searched on the net, i got one general solution for this that to set the validaterequest to false. But no changes has been made on my application. Please help me for solving this issue. Any response that would be appreciated.
356
We can resolve your reported problem (A potentially dangerous Request. Form value was detected from the client) in ASP.NET Application. To resolve your problem, we need add the validateRequest as false in pages tag and add requestValidationMode as 2.0 in Web. config file.
ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. This error description means some one entered HTML markup or script which can be dangerous to the server.
Add a web.config containing
<system.web>
<pages validateRequest="false" />
</system.web>
to the directory with the page that has the form in question.
See http://www.asp.net/learn/whitepapers/request-validation for a complete description.
In case you use asp.net 4.0, you may try
<httpRuntime requestValidationMode="2.0" />
See also
171
A little late, but in agreement with those saying putting this in web.config is a security hole.
I do it with the [ValidateInput(false)] attribute on the controller in question.
ValidateInput is found in System.Web.MVC in MVC2
38
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
