asp.net 4.0 System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value wa - Asp.net / Web development

Welcome Guest! To enable all features please Login or Register.

Notification

Error

AM22 Tech » Technical Discussions » Asp.net / Web development » asp.net 4.0 System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value wa » Post a reply

Post a reply

From:

Message:

Maximum number of characters in each post is: 32767

Font Color: Font Size:

[quote=Guest;731]I just upgraded to asp.net 4.0 and when i try to update anything in my Blogengine 1.6 implementation, the syetm throws the follwoing error:

System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client.
A potentially dangerous Request.Form value was detected from the client (Text="<p>what?</p>"). 
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0". Example: <httpRuntime requestValidationMode="2.0" />. After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the <pages> configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client 


Whats the issue? and what should i do to resolve it?[/quote]

Security Image:

Enter The Letters From The Security Image:

Preview Post Cancel

Last 10 Posts (In reverse order)
Guest	Posted: Wednesday, April 04, 2012 2:32:04 PM(UTC)
	Problem NOT resolved - you just disabled security-checks for the entire Request and opened up your app, allowing anyone to post HTML to ANY of the fields on your form. I wish I could tell you how to do this "correctly" - you have no idea how many hours I've spent on this...
Neena Khan	Posted: Tuesday, January 10, 2012 10:30:05 AM(UTC)
	Thanks Buddy Problem resolved ... nice
Guest	Posted: Wednesday, December 14, 2011 4:16:23 AM(UTC)
	thanks lot man.It's working fine
Soan	Posted: Tuesday, May 24, 2011 6:26:17 AM(UTC)
	Well..yes..the error would happen if you upgrade to asp.net 4. The solution is also simple and it is mentioned in the error itself...but i will just write it here again for more clarity: Add the following attribute to your httpruntime tag in web.config: <httpRuntime requestValidationMode="2.0" />. After setting this value, set validateRequest="false" in the pages tag: <pages validateRequest="false"> This will solve the error. Let me know if you need more information.
Guest	Posted: Tuesday, May 24, 2011 6:12:30 AM(UTC)
	I just upgraded to asp.net 4.0 and when i try to update anything in my Blogengine 1.6 implementation, the syetm throws the follwoing error: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client. A potentially dangerous Request.Form value was detected from the client (Text="<p>what?</p>"). Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0". Example: <httpRuntime requestValidationMode="2.0" />. After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the <pages> configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client Whats the issue? and what should i do to resolve it?