Error : A potentially dangerous Request.Form value was detected from the client
July 26, 2006 at 6:10 am 14 comments
This occurs when we try to post html code. The server will validate the postdata, if it find that its an HTML code, error something similar to this is shown. This actually helps to prevent running malicious script. If you really want to post the html content add this to the page directive validateRequest=”false”.
You can also do this from the web.config like this
<pages validateRequest=”false” />
Entry filed under: ASP.NET Tips.
14 Comments Add your own
Leave a comment
Trackback this post | Subscribe to the comments via RSS Feed
1. venkat | October 13, 2006 at 7:17 am
superb
2. Dave | November 14, 2006 at 7:31 pm
How to prevent error “A potentially dangerous Request.Form value…”
The error happens when you enter HTML or other special characters in a TextBox on an Asp.Net page. To fix it do the following.
*** Step 1:
In ASPX file, add validateRequest=”false” to the line at the top of the page.
*** Step 2:
Add the code below to your web page.
Private Sub PageTextBoxHTMLEncode()
‘ routine to HTML encode all text boxes on the page
Dim a As Control
For Each a In Me.Controls
If TypeOf a Is TextBox AndAlso _
CType(a, TextBox).Text.Trim.Length > 0 Then
CType(a, TextBox).Text = HttpUtility.HtmlEncode(CType(a, TextBox).Text.Trim)
End If
Next
End Sub
*** Step 3:
On page load, always call the routine:
‘ HTML encode each TextBox to prevent errors
Call PageTextBoxHTMLEncode()
Note there may be some additional work if you have potentially dangerous controls other than TextBoxes (System.Web.UI.WebControls.TextBox).
3. Lakshmi | December 28, 2007 at 9:37 am
Is This wont effect other serverside validations?
4. NikolRU | February 20, 2008 at 5:03 pm
Горнолыжный курорт Красная Поляна – бронирование гостиниц и отелей.
Наши квалифицированные менеджеры подберут вам наиболее подходящий вариант.
http://www.krasnaya-polyana-hotels.ru
5. prasad | March 21, 2008 at 2:42 pm
but remember that if you turn validation off and use labels instead of literal controls to display text…it could be a security problem and code could be executed through textboxes. More explained here.
http://digdotnet.blogspot.com/2008/03/literal-control-vs-label-control.html
prasad.
6. aaa | April 5, 2008 at 4:10 am
7. Jagadeesh | May 21, 2008 at 2:52 pm
It Worked Thanks a Lot
8. kjk | January 13, 2009 at 11:16 am
sdfg
9. exovaTakTaige | June 4, 2009 at 2:37 am
Sweet blog. I never know what I am going to come across next. I think you should do more posting as you have some pretty intelligent stuff to say.
I’ll be watching you . 🙂
10. Bill Bartmann | September 4, 2009 at 2:05 am
Cool site, love the info.
11. sad angle | December 17, 2010 at 10:31 pm
thanks! sr i don’t know english ^^
12. blahblah1233445 | December 24, 2011 at 7:22 am
alert(document.cookie);
13. Aquaponics 4 You Review | July 28, 2013 at 9:37 pm
Can you picture that?
14. Fat Loss 4 Idiots Free Download | August 2, 2013 at 11:53 am
Fat Loss four Idiots – How To Shed 9bls In 11 Days The very best thing that has ever occurred in the
dieting and weight loss globe has to be Fat loss 4 idiots.