Request Validation failed in .NET 4.0 even though explicity set in Page Directive
Question
I have a .NET page application that is failing it's request validation because of "bad characters" such as "< / > %". This is a secure admin form behind password protected page, and I need users to be able to enter in these "potentially harmful" characters. This used to be working. But then I moved the directory to a new location and I am getting the below error. I have already explicitly set validateRequest="false" in <%@ Page %> settings. I am running this application as VB.NET 4.0 on a Windows 2012 server on IIS 8.5. Any suggestions to get this page working?
Description: ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. The data might represent an attempt to compromise the security of your application, such as a cross-site scripting attack. If this type of input is appropriate in your application, you can include code in a web page to explicitly allow it. For more information, see http://go.microsoft.com/fwlink/?LinkID=212874 .
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client
1 answers
solution1
1 ACCPTED 2015-06-03 22:20:39
Found this: http://www.codeproject.com/Tips/297679/A-potentially-dangerous-Request-Form-value-was-det
Make sure the statement is in the right area of your web config file
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.