Shulou(Shulou.com)06/03 Report--

This article mainly explains how to solve the potentially dangerous request. Form value "error" detected from the client in asp.net. The explanation in the article is simple and clear, and easy to learn and understand. Please follow the editor's train of thought to study and learn how to solve the potentially dangerous request. Form value "error" from the client in asp.net.

When submitting the form, asp.net prompts: "potentially dangerous Request.Form values detected from the client (.)." The request verification feature in asp.net provides a certain level of protection against XSS attacks, and request verification for asp.net is initiated by default.

Common solution for asp.net 2.0

Option 1:

Add the page entry in the .aspx file to ValidateRequest= "false" as follows:

Option 2:

Modify web.config configuration file

Summary: we know that validateRequest turns off validation, which means that when submitting values with tags, such as bold, ASP.NET will not report an error. Scenario one is recommended here, because scenario one only modifies the test.aspx page; if scenario two is used, the entire solution becomes ValidateRequest= "false".

Asp.net 4.0workaround

4. 0 is the same as 2. 0, but it is important to note that starting with. Net Framework 4. 0, asp.net begins to enforce Request parameter security, and we can restore the version 2. 0 mode by modifying Web.config.

The methods are as follows:

Modify Web.config to increase the value of requestValidationMode= "2.0" attribute

What does it mean by adding a requestValidationMode in 4. 0?

RequestValidationMode has two values:

2.0 enable request authentication only for web pages. Whether it is enabled or off depends on validateRequest.

4.0 default value. Any HTTP request enables request authentication, that is, not only web pages, but also Cookie, and so on. It is forced to be enabled at this time, regardless of the value of validateRequest.

Because requestValidationMode= "4.0" is mandatory, we will find that we cannot turn off request verification by setting validateRequest alone in .NET Framework 4.0. we also have to set requestValidationMode to 2.0.

Thank you for your reading, the above is the content of "how to solve the potentially dangerous request. Form value error" detected from the client in asp.net. After the study of this article, I believe you have a deeper understanding of how to solve the problem of "request. Form value detected from the client side" error in asp.net, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.