How can Request Validation be disabled for HttpHandlers?

Question

Is it possible to disable request validation for HttpHandlers?

A bit of background - I\'ve got an ASP.NET web application using an HttpHandler to receive the payment

Answer 1

On IIS6 you can simply add validate="false" in the web.config registration.

<add path="handler.axd" type="Foo.Bar.MyHandler" verb="*" validate="false" />

If anyone could shed some light on how to accomplish this in IIS7's integrated mode, it would be extremely helpful too.

Answer 2

it is quite easy. Change the following snippet to match the handler path and add in your web.config:

<configuration>
  ....
  <location path="YOUR HANDLER PATH" allowOverride="true">
    <system.web>
      <httpRuntime requestValidationMode="2.0" />
      <pages validateRequest="false" />
    </system.web>
  </location>
</configuration>

Answer 3

For IIS7 we've been adding/modifying the following key in web.config

see http://www.asp.net/learn/whitepapers/aspnet4/breaking-changes#0.1__Toc256770147