hi,
i have a textbox were if i enter text as "&#", my web app crashes with the message "A potentially dangerous Request.Form value was detected from the client".
i have a textbox were if i enter text as "&#", my web app crashes with the message "
A potentially dangerous Request.Form value was detected from the client".
i could easily fix this issue by adding "<pages validateRequest="false" , however i want to check if there is any other way to fix this issue.
1 Answer, 1 is accepted
0
Princy
Top achievements
Rank 2
Rank 2
answered on 21 Mar 2013, 04:17 AM
Hi Akarsh,
The .NET framework is throwing up an error because it detected
something in the entered text which looks like an malicious statement. The reason behind the error is as a security precaution. Developers
need to be aware that users might try to inject HTML (or even a script)
into a text box which may affect how the form is rendered.
The only workaround is to set the ValidateRequest attribute of the <%@Page directive to false. Use <httpRuntime requestValidationMode="2.0" /> in your web.config if you are having ASP.NET 4.0 since it ignores ValidateRequest otherwise.
Thanks,
Princy.