Clever Geek Handbook

Message form error

Can someone please explain what might be causing this error. I think these are quotes.

Exception Details: System.Web.HttpRequestValidationException: A potentially
dangerousRequest.Form value was detected from the client
(ctl00$ContentPlaceHolder1$DetailsView1$txtContent="...l economy.<br /><br />The
Prop...").
+2


source to share


6 answers


The content of the control (possibly a text box) contains what ASP.net considers to be markup, for example:

<br /><br />

You can add ValidateRequest = "false" to the page directive in the .aspx file like this:



<%@ Page ........ ValidateRequest="false" ........ %>

As other answers point out, asp.net does this to try to protect you from potentially malicious input, so make sure you are aware of the risk and encode / decode user data appropriately.

+1


source


I think you can take a look at this Potentially dangerous Request.Form value has been detected



+1


source


It will be '<' and '>'.

EDIT: Including html records in form responses is supposed to be an attack on the server that the form is on. So, by default, any code that looks like html (i.e. includes '<' or '>') is automatically flagged as a problem.

One way to work around this problem is to disable this type of validation by setting validateRequest = "false" to the page directive for that page, but there are other (and better) ways that work.

Below is information from Microsoft about this issue.

0


source


Its html "<br />" tags.

Here's an article with a short explanation . It also shows how to get around it by disabling validation. Although I think it would be a little dangerous to just turn it off.

0


source


In fact it should be

<br /><br />

he complains.

0


source


My idea is to allow this exception. Use the Application_Error handler to write code that redirects (using Response.Redirect - this is important because it allows the browser to return users) to the custom error page. On this page, write text that explains that users have entered the wrong text. Something like:

"Dear user, you entered incorrect text, for example" <"or". "Enter text using only symbols and numbers."

Place a link to this page and that link may contain a javascript "back" command:

href="javascript: history.go(-1)"

Users after clicking such a link will be redirected by their browsers to the previous page, where they can re-edit their input.

0


source






More articles:


All Articles