1

"A potentially dangerous Request.Form value was detected from the client"

I know the reason why I am getting this error screen, and I have read thru all the other questions asked here, and most answers along with the suggestion on the error screen says to put:

<httpRuntime requestValidationMode="2.0" />

and

<pages validateRequest="false" />

in the Web.Config file, which I have done, as you can see here:

<?xml version="1.0" encoding="utf-8"?>

<configuration>
  <system.web>
  <httpRuntime requestValidationMode="2.0" /><pages validateRequest="false" />
    <compilation debug="true" targetFramework="4.0"><assemblies><add assembly="System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /></assemblies></compilation>
 <customErrors mode="Off" />
 </system.web>
    <system.data>
      <DbProviderFactories>
         <remove invariant="System.Data.SqlServerCe.4.0" />
        <add invariant="System.Data.SqlServerCe.4.0" name="Microsoft® SQL Server® Compact 4.0" description=".NET Framework Data Provider for Microsoft SQL Server Compact" type="System.Data.SqlServerCe.SqlCeProviderFactory, System.Data.SqlServerCe, Version=4.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" />
    </DbProviderFactories>
  </system.data>
</configuration>

I am using asp.net in Webmatrix 2.0 if that is of any help. I have searched everywhere to find a different solution but every one is saying the validation mode and validate request thing, and still it's not working, does anyone know any other possible reasons as to why?

Ben
  • 83
  • 8

1 Answers1

2

With Web Pages you can switch Request Validation off for an individual form field using the Request.Unvalidated() method.

Read the "HTML Input And XSS Attacks" chapter of this good Mike Brind's article: WebMatrix - Protecting Your Web Pages Site.

GmG
  • 1,362
  • 1
  • 9
  • 10