发表新帖
发表新帖

A potentially dangerous Request.Form value was detected from the client (textboxError=“<Response…”)

前端 未结
关注
4 1028
礼貌的吻别
礼貌的吻别 2020-12-03 22:11

I\'m using ozeki ng SMS gateway. I\'m unable to send any SMS to any mobile. Please help me to send SMS through net to mobile

A potentially dangerous Request.Form v

相关标签:
4条回答
  • 面向向阳花
    2020-12-03 23:00

    Your problem is that the value of one of your fields (textboxError) includes XML- or HTML-style tags, which by default are disallowed to avoid developers introducing potential security issues within their applications.

    The solution is given in the error message; you need to add validateRequest="false" in either the @Page directive at the top (omitted in your sample) or in web.config.

    Note that if you're using .net 4, you need to drop back to the validation mode from 2.0, by altering web.config slightly and adding:

    <system.web>
    <httpRuntime requestValidationMode="2.0" />
</system.web>

    See this MSDN article on requestValidationMode for more information on requestValidationMode.

    0 讨论(0)
  • 春和景丽
    2020-12-03 23:02

    Your problem is that the value of one of your fields (textboxError) includes XML- or HTML-style tags, which by default are disallowed to avoid developers introducing potential security issues within their applications.

    The solution is given in the error message; you need to add 

      [HttpPost]
  [ValidateInput(false)]

    In Controller

    0 讨论(0)
  • 梦如初夏
    2020-12-03 23:12

    I found the following solution that enables you to only disable the validation on just one field! (i would hate to disable it for the whole page)

    vb.net:

    Public Class UnvalidatedTextBox
    Inherits TextBox
    Protected Overrides Function LoadPostData(postDataKey As String, postCollection As NameValueCollection) As Boolean
        Return MyBase.LoadPostData(postDataKey, System.Web.HttpContext.Current.Request.Unvalidated.Form)
    End Function
End Class

    c#:

    public class UnvalidatedTextBox : TextBox
{
    protected override bool LoadPostData(string postDataKey, NameValueCollection postCollection)
    {
        return base.LoadPostData(postDataKey, System.Web.HttpContext.Current.Request.Unvalidated.Form);
    }
}

    Now just use <prefix:UnvalidatedTextBox id="test" runat="server" /> instead of <asp:TextBox and it should allow all chars (this is perfect for password fields!)

    0 讨论(0)
  • 庸人自扰
    2020-12-03 23:13

    this just worked for me...

     [HttpPost, ValidateInput(false)]
 public ActionResult updateContact(FormModel model)
 {
    //contents
 }
    0 讨论(0)
 看不清?
提交回复
热议问题