发表新帖
发表新帖

A potentially dangerous Request.Form value was detected from the client - ASP.NET MVC

后端 未结
关注
5 674
傲寒
傲寒 2020-12-06 04:03

I am getting this error in my ASP.NET MVC application where I am taking HTML input from a WYSIWYG so I don\'t want the content validated.

I have attempted the soluti

相关标签:
5条回答
  • 你的背包
    2020-12-06 04:22

    use <httpRuntime requestValidationMode="2.0" /> in web config

    0 讨论(0)
  • 别那么骄傲
    2020-12-06 04:28

    Just place this attribute: [ValidateInput(false)] on the action method on the controller that handles the form post.

    0 讨论(0)
  • 予麋鹿
    2020-12-06 04:37

    In MVC you would use the ValidateInput(false) attribute.

    You then need to sanitize your inputs, e.g. with something like this (built in to ASP.NET 4.5+; use NuGet package for earlier).

    0 讨论(0)
  • 深忆病人
    2020-12-06 04:40

    In your controller action method, (the one which is bringing this) add [ValidateInput(false)]

    Example 

        [HttpPost]
    [ValidateInput(false)]
    public ActionResult Insert(FormCollection formCollection, Models.Page page)
    {
        //your code
        return View();
    }
    0 讨论(0)
  • 礼貌的吻别
    2020-12-06 04:42

    In MVC 3 and later, you can also use the [AllowHtml] attribute. This attribute allows you to be more granular by skipping validation for only one property on your model.

    https://docs.microsoft.com/en-us/dotnet/api/system.web.mvc.allowhtmlattribute?view=aspnet-mvc-5.2

    0 讨论(0)
 看不清?
提交回复
热议问题