Tuesday, July 5, 2011

.NET Framework 4: a potentially dangerous request.form value was detected from the client .

Put
<pages validateRequest="false" /> 
inside  <system.web> or encode the user's input by using
Server.HtmlEncode( TextBox1.Text );

and if you are running on .NET 4, insert the following
<httpRuntime requestValidationMode="2.0" />
in web.config

No comments:

Post a Comment