![](/img/trans.png)
[英]A potentially dangerous Request.Form value was detected from the client, encoding help please
[英]potentially dangerous request.form value was detected from the client innerhtml
我有一個使用隱藏字段值呈現表格並運行“文檔就緒”頁面的表格。
在頁面加載中填充代碼的隱藏字段值是:
<div
onclick="GetIcon(this)" style="cursor:pointer;"
URL=~\App_Images\Gallery\MapIcons\administrativeboundary.png >
<img
src=../App_Images/Gallery/MapIcons/administrativeboundary.png
title="administrativeboundary"/>
</div>
#
<div
onclick="GetIcon(this)"
style="cursor:pointer;"
URL=~\App_Images\Gallery\MapIcons\administrativeboundary.png >
<img src=../App_Images/Gallery/MapIcons/administrativeboundary.png
title="administrativeboundary"/>
</div>#
我的函數頁面加載為:
$(document).ready(function() {
RendertblConstantsColumns('tbl_Gallery', 5, 'GColumn');
RenderGalleryTable();
});
function RendertblConstantsColumns(tblid, ColumnNo, Columnid) {
var tblConstants = document.getElementById(tblid);
var tr = document.createElement('tr');
tblConstants.appendChild(tr);
for (var i = 0; i < ColumnNo; i++) {
var td = document.createElement('td');
td.setAttribute('style', 'text-align: right');
td.setAttribute('id', Columnid + i.toString());
tblConstants.appendChild(td);
}
}
function RenderGalleryTable() {
var Gallery = document.getElementById("<%=hdnGallery.ClientID%>");
var Images = Gallery.value.split('#');
for (var i = 0; i < Images.length - 1; i++) {
var Mode = i % 5;
var Column = document.getElementById('GColumn' + Mode.toString());
Column.innerHTML += Images[i];
}
}
我在此頁面上設置ValidateRequest =“ false”和EnableEventValidation =“ false”,但是當運行頁面時,顯示此錯誤消息:
potentially dangerous request.form value was detected from the client
我的堆棧跟蹤是:
at System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection)
at System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection)
at System.Web.HttpRequest.get_Form()
at System.Web.HttpRequest.get_Item(String key)
at ASP.global_asax.Application_PreRequestHandlerExecute(Object sender, EventArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
編輯:我在服務器中填充這樣的隱藏字段:
string HTML = "";
HTML += "<div onclick=\"GetIcon(this)\" style=\"cursor:pointer;\"" + " URL=" + URL + " ><img " + "src=../App_Images/Gallery/MapIcons/" + ImageName + " " + "title=\"" + ImageName.Split('.')[0] + "\"" + "/></div>#";
hdnGallery.Value = HTML;
通常,解決方案是對正在發送到服務器的有害數據進行HTML編碼。
由於錯誤是在運行時發生的,因此請嘗試確定可能觸發JavaScript的代碼行來觸發錯誤。
請在web.config文件中進行必要的設置:-
<system.web>
<requestValidationMode="2.0" />
</system.web>
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.