Webform1.aspx
has grid.Grid contain edit button. On click of edit button, user is redirected to webform2.aspx
page. A Querystring id is passed to Webform2.aspx
. Webform2.aspx
shows all data of that id. Webform contain dropdownlist, textboxes and button etc.
I am fetching record from database and assigning to control like dropdownlist, textbox and button. When assigning value to textbox that contain <
or >
and trying to update the record. It throws an exception. Exception is A potentially dangerous Request.Form value was detected from the client
. So I tried to use htmlencode method.
Below is my code In cs file
public partial class Webform1 : System.Web.UI.Page
{
string strUrl="";
protected void Page_Load(object sender, EventArgs e)
{
// Fetching value from database and assigning to string
Textbox1.Text= dr["URL"].ToString();
// directly use string
//strUrl= dr["URL"].ToString();
}
protected void button_Click(object sender, EventArgs e)
{
string s2 ="";
string s3 = "";
strUrl= Textbox1.Text;
if ((strUrl.Contains("<")) || (strUrl.Contains(">")))
{
s2 = Server.HtmlEncode("<");
s3 = Server.HtmlEncode(">");
strUrl= strPingUrl.Replace("<", s2);
strUrl= strPingUrl.Replace(">", s3);
}
Textbox1.Text =strUrl;
// updation code
When I will try to insert it throws exception.Instead of assigning value to textbox if i use string.It is working. I am able to update the record. But I don't want like this. User can change the value in textbox. So I want to take value from textbox.
To disable request validation on a page you must set the validateRequest attribute of the Page directive to false:
<%@ Page validateRequest="false" %>
To disable request validation for your application, you must modify or create a Web.config file for your application and set the validateRequest attribute of the section to false:
<configuration>
<system.web>
<pages validateRequest="false" />
</system.web>
</configuration>
If you wish to disable request validation for all applications on your server, you can make this modification to your Machine.config file.
In .NET 4 you may need to add to web.config:
<httpRuntime requestValidationMode="2.0" />
Details:
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.