A potentially dangerous Request.Form value was detected

while trying to execute my script in the front end text box to find the possible script injection in ASP.net. I got the below error,

 

A potentially dangerous Request.Form value was detected from the client (Text="venkat here?"). 


Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0". Example: . After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133. 






Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (Text="Venkat Here"). 
  
  
Solution:   
  
1. Add the below content in web.config file, 
  

  
2. Disabling request validation on a page 




  
Cheers, 
Venkatesan Prabu .J 
Head, KaaShiv InfoTech
Ebook Download
View all
Learn
View all