{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 SAY GOODBYE 的问题《A potentially dangerous Request.Form value was det》','https://www.manongdao.com/q-343714.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have one asp.net application, which has some problems while i am entering the special characters such as ": &#, " in the search box. If i enter this text in search box, i got the exception like this.
A potentially dangerous Request.Form value was detected from the client (txtValue=": &#, ").
then i searched on the net, i got one general solution for this that to set the validaterequest to false. But no changes has been made on my application. Please help me for solving this issue. Any response that would be appreciated.
Add a web.config containing
to the directory with the page that has the form in question.
See http://www.asp.net/learn/whitepapers/request-validation for a complete description.
In case you use asp.net 4.0, you may try
See also
A little late, but in agreement with those saying putting this in web.config is a security hole.
I do it with the
[ValidateInput(false)]attribute on the controller in question.ValidateInputis found inSystem.Web.MVCin MVC2I created a table
articlewith columnsarticleIdandarticle_content. I also used html editor forarticle_contentcolumn. When I tried to save I got the same error. It was resolved by adding[AllowHtml]to thearticle_contentproperty in the class.Don’t forget to include the namespace using
System.Web.Mvc. For more details: http://www.infinetsoft.com/Post/A-potentially-dangerous-Request-Form-value-was-detected-from-the-client/1246Using Framework 4.5 the solution is to modify web.config adding following line:
And getting the request as follows: