A potentially dangerous Request.Form

Question

Anyone know why I am getting the following error? I have debugging enabled.

Server Error in \'/\' Application.
---------------------------------------------         


        

Answer 1

The post contains HTML elements (the

tag, in your case) - this can be indication of a cross site scripting attack, which is why asp.net does not allow it by default.

You should either HTML encode before submitting (best practice), or disable the warning and potentially expose yourself to XSS.