Thursday, November 22, 2012

A potentially dangerous request.querystring value was detected from the client

Last Week, while working on an ASP.NET Web project, I got an issue. The issue was, when I am trying to pass unencoded HTML content into a querystring I got an error something like ”A potentially dangerous Request. Form value was detected from the client”. After that I surf through the net and then got a solution. Here are possible solution which may help you. Put this below script in existing “page” directive in that .aspx file.

<%@ Page validateRequest="false" %>

If you are having more pages in your project means its very difficult to put this code in each add this below tag in Web.Config file to access it globally

<pages validateRequest="false" />

If you are using .Net 4.0 than you have to make one more change in Web.Config file. Add this tag in section.
<httpRuntime  requestValidationMode="2.0" />

If You are facing the same problem in ASP.NET MVC 3.
Add this below code in Application_Start() method.

GlobalFilters.Filters.Add(new ValidateInputAttribute(false));

Note: When disabling the request validation on the application make sure to validate the entire application
Post a Comment

Find a cool free stuff everyday

Giveaway of the Day

Hiren Bharadwa's Posts