ASP.NET MVC 5 A potentially dangerous Request.Form value was detected from the client

Question

I'm trying to send a form request to an action, also one of my inputs is from text editor which contains HTML tags. The problem is I get the error below:

A potentially dangerous Request.Form value was detected from the client

Also I've put [AllowHtml] in the model:

[UIHint("Html")]
    [AllowHtml]
    [Display(Name = "Description")]
    public string Description { get; set; }

and this code in the action:

[HttpPost]
    [ValidateInput(false)]
    [ValidateAntiForgeryToken]
    public virtual async Task<ActionResult> Create(ProductViewModel viewModel)
    {
        if (!ModelState.IsValid)
        {
            var groups = await _groupService.GetAllAsync();
            viewModel.GroupList =
                groups.Select(p => new SelectListItem {Text = p.Title, Value = p.Id.ToString()}).ToList();
            return View(viewModel);
        }

        _productService.Insert(viewModel);
        return RedirectToAction("Index");
    }

so what's the problem?

Have you tried the below solution ? http://stackoverflow.com/a/3368769/2106928 — Venkatesan Rethinam, Jul 19 '16 at 06:22
follow this post http://stackoverflow.com/questions/21672855/a-potentially-dangerous-request-form-value-was-detected-from-the-client-mvc4 — Haitham Elsheshtawy, Mar 15 '17 at 13:29
This helped me: https://stackoverflow.com/a/4866070/1245184. Make sure you don't call Request.Form or Request.Params anywhere in your code, as that bypasses [AllowHtml]. Check within custom validators, filters, or model binders. — Ber'Zophus, Jun 02 '17 at 15:57

ASP.NET MVC 5 A potentially dangerous Request.Form value was detected from the client

0 Answers0