I am using ASP.NET MVC 3 with .NET 4.0. I have a model on which one of the properties requires that HTML content be allowed. I have placed the AllowHtml attribute on my model property which allows HTML on that property. That works by itself.

I am also using the Uploadify flash uploader on other parts of my website. Due to problems with flash and sessions, I'm using some code similar to the code in a swfupload example to allow my file upload access to session data. Basically I'm accessing the Request.Form collection directly in the Application_BeginRequest handler.

The problem I'm running into is that when the form that allows HTML is posed I get a HttpRequestValidationException when the code in the Application_BeginRequest handler access the Request.Forms[key] collection.

Like I said in the beginning, I've tried the AllowHtml attribute. I've also tried disabling validation at the action and controller level using the ValidateInput(false) attribute, but I believe I'm too early in the request life cycle for those to apply. Is there anyway to access the Request.Form collection containing "potentially dangerous" data without disabling request validation for the entire site?

You asking about something like this: Validate request with Request.Unvalidated() in ASP MVC 3 RC and .NET 4 ?

Request.Unvalidated().Params[""]

For the record, another way of doing this is by creating an unvalidated object:

var unvalidatedRequest = System.Web.Helpers.Validation.Unvalidated(Request);

Then you only have to access the unvalidatedRequest object rather than repeatedly hitting Unvalidated().

The Validation.Unvalidated method has various overloads.