Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

trying to submit rich text editor content in asp.net mvc and getting "potentially dangerous Request.Form value was detected"

I am using TinyMCE in asp.net mvc and getting the error message "a potentially dangerous Request.Form value was detected" when trying to save the text from the TinyMCE editor. I set ValidateRequest="false" both in web.config and on the page. Any ideas?

like image 717
user85562 Avatar asked Apr 01 '09 09:04

user85562


People also ask

How do you fix potentially dangerous request form value was detected from the client?

We can resolve your reported problem (A potentially dangerous Request. Form value was detected from the client) in ASP.NET Application. To resolve your problem, we need add the validateRequest as false in pages tag and add requestValidationMode as 2.0 in Web. config file.

How do I allow HTML tags in ASP.Net MVC?

We can [AllowHtml] attribute on properties in model or view model to disable request validation. [AllowHtml] attribute allows a request to include HTML markup during model binding by skipping request validation for the property.

Is a potentially dangerous request?

The error exception A potentially dangerous Request. Form value was detected from the client occurs when ValidateRequest is set true and someone tries to submit HTML content to server. This error comes since ASP.Net tries to protect the application from Script Attacks.


2 Answers

Just add the ValidateInput attribute to your action and set it to false.

Like this.

[ValidateInput(false)]
public ActionResult Submit(string FormContent)
{

}
like image 92
Sruly Avatar answered Oct 04 '22 02:10

Sruly


To get this working in ASP.NET MVC 2.0, I also had to add

<httpRuntime requestValidationMode="2.0" /> 

to the

<system.web> 

section of my web.config file

like image 26
Ross McLoughlin Avatar answered Oct 04 '22 03:10

Ross McLoughlin