Thursday, November 22, 2012

A potentially dangerous request.querystring value was detected from the client asp.net


Last Week, while working on an ASP.NET Web project, I got an issue. The issue was, when I am trying to pass unencoded HTML content into a querystring I got an error something like ”A potentially dangerous Request. Form value was detected from the client”. After that I surf through the net and then got a solution. Here are possible solution which may help you. Put this below script in existing “page” directive in that .aspx file.

<%@ Page validateRequest="false" %>

If you are having more pages in your project means its very difficult to put this code in each page.so add this below tag in Web.Config file to access it globally

<configuration>
<system.web>
<pages validateRequest="false" />
</system.web>
</configuration>

If you are using .Net 4.0 than you have to make one more change in Web.Config file. Add this tag in section.
<httpRuntime  requestValidationMode="2.0" />

If You are facing the same problem in ASP.NET MVC 3.
Add this below code in Application_Start() method.

GlobalFilters.Filters.Add(new ValidateInputAttribute(false));

Note: When disabling the request validation on the application make sure to validate the entire application

No comments:

Find a cool free stuff everyday

Giveaway of the Day

Hiren Bharadwa's Posts

DotNetJalps