A potentially dangerous Request.Form value was detected from the client

前端 未结 30 2224
刺人心
刺人心 2020-11-21 05:24

Every time a user posts something containing < or > in a page in my web application, I get this exception thrown.

I don\'t want to go

30条回答
  •  一整个雨季
    2020-11-21 05:39

    If you are on .NET 4.0 make sure you add this in your web.config file inside the tags:

    
    

    In .NET 2.0, request validation only applied to aspx requests. In .NET 4.0 this was expanded to include all requests. You can revert to only performing XSS validation when processing .aspx by specifying:

    requestValidationMode="2.0"
    

    You can disable request validate entirely by specifying:

    validateRequest="false"
    

提交回复
热议问题