Menu
I'm looking for a bit of help as this is now driving me crazy.
I have a tinyMCE text editor on my page which is populated with content which is already stored in the database as html.
eg.
<p>first paragraph</p>
<p>second paragraph</p>
etc, etc with no problems there.
but when I make a change in the editor and then try to update the content in the database I get the error potentially dangerous request.form value was detected from the client
I made all the recommended changes in the web.config
But still get the potentially dangerous request.form value was detected from the client error. This is happening in .NET 4.0 any help/advice would be great.
272
The ValidateRequest setting can be set to FALSE in the @Page Directive. Disabling the ValidateRequest setting in @Page Directive will disable it only for the specific Page. This will disable the validation of requests for the page you have set the ValidateRequest setting to FALSE.
As you know, ValidateRequest is a security feature which has been available since . NET Framework 2.0 in WebForms. This feature prevents users from entering html content in input fields to keep the application away from different kind of XSS injection attacks.
I wouldn't even try to enable this on a site-wide level in the web.config file - just do it per page, when you know specifically input data is safe:
<%@ Page ... ValidateRequest="false" %>
You can use an Umbraco control exposed specifically for this purpose from within a Template as such:
<umbraco:DisableRequestValidation runat="server" />
You have to post the section of web.config,
It should be,
<system.web>
<compilation debug="true" targetFramework="4.0" />
<httpRuntime requestValidationMode="2.0" />
</system.web>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
