Saturday, 17 December 2016

A potentially dangerous Request.Form value was detected from the client

Cause of Error

.NET detected something in entered text which looked like an html statement. ASP.Net By default validates all input controls for potentially unsafe contents that can lead to Cross Site Scripting and SQL Injections. So ASP.Net is not allowing this content so it's blocking by this exception. By default it is recommended to allow this check to happen on each postback.

In some cases as per your requirement you can avoid this exception as below
<%@ Page Language="C#" AutoEventWireup="true" ValidateRequest = "false"

it will disable the request validation for current page. if you want to disable for whole application then you can put in web.config as below in system.Web section.
<pages validateRequest ="false" />

For .Net 4.0 or higher versions write below code under System.Web section.

<httpRuntime requestValidationMode = "2.0" />

No comments:

Post a Comment