Join the social network of Tech Nerds, increase skill rank, get work, manage projects...
 
  • Error:A potentially dangerous Request.Form value was detected from the client

    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 0
    • 195
    Comment on it

    "A potentially dangerous Request.Form value was detected from the client "

       If the "ValidateRequest" is set to true and someone tries to submit HTML content (Example:<a> Hello </a>) to the server, this error occurs as ASP.Net tries to protect the application from Script Attacks.

    What is "ValidateRequest" ?

       As it is always recommended to validate input data and HTML encode it where required, ValidateRequest feature of Asp.Net helps to achieve this. It helps in preventing script-injection attacks made by client script code.

       If ValidateRequest feature is set to true and the user tries to enter the HTML content in the form the Error:"A potentially dangerous Request.Form value was detected from the client " is generated.

    Inorder to overcome this error we can set this feature to false.

    Example:

    <%@ Page Language="C#" AutoEventWireup="true" ValidateRequest = "false"
    

    This will disable this feature for your current page.

       If you want to disable it for your whole application then you have to set it false in your web.config <system.web> section

    <pages validateRequest ="false" />
    

    Note:-> Incase of .Net 4.0 or higher frameworks you need to add the following line in the <system.web> section:

    <httpRuntime requestValidationMode = "2.0" />
    

    Important:-> If you have disabled the ValidateRequest, then it will be good if you HTML encode the content. HTML encoding replaces the HTML tags with its corresponding HTML encoded representation.

    Example: < is replaced by &lt; and > is replaced by &gt;

       For HTML encoding use: Server.HtmlEncode(TextBox1.Text) method

    and
       For HTML decoding use:Server.HtmlDecode(TextBox1.Text) method

 0 Comment(s)

Sign In
                           OR                           
                           OR                           
Register

Sign up using

                           OR                           
Forgot Password
Fill out the form below and instructions to reset your password will be emailed to you:
Reset Password
Fill out the form below and reset your password: