ValidateRequest ="false" error

Martin Colmenares

After I set my <%@ page ValidateRequest ="false" %> , I still get the
error illustrated below. The msdn mentioned something about filtering
using the HTMLEncode. This is a snippet of the code that should display
the result.

</head>
<body MS_POSITIONING= "GridLayout " bgcolor="gainsb oro">
<form id="Form1" method="post" runat="server">
<INPUT style="Z-INDEX: 101; LEFT: 248px; POSITION:absolu te; TOP:184px"
type="button" value=" OK " onclick="OnOK() ;" tabindex="3">
<INPUT style="Z-INDEX: 102; LEFT: 304px; POSITION:absolu te; TOP:184px"
type="button" value="Cancel" onclick="OnCanc el();" tabindex="4">
<TEXTAREA id="Description " style="Z-INDEX: 103; LEFT: 56px; WIDTH:320px;
POSITION: absolute; TOP: 88px; HEIGHT: 70px" rows="4" cols="37"
tabindex="2"></textarea>
<DIV style="DISPLAY: inline; FONT-WEIGHT: bold; Z-INDEX: 104; LEFT:24px;
WIDTH: 296px; POSITION: absolute; TOP: 56px; HEIGHT: 24px"
ms_positioning= "flowlayout">de scription
of changes:</div>
<DIV style="DISPLAY: inline; FONT-WEIGHT: bold; Z-INDEX: 105; LEFT:24px;
WIDTH: 70px; POSITION: absolute; TOP: 24px; HEIGHT: 15px"
ms_positioning= "flowlayout">re vision:</div>
<INPUT id="Revision" style="Z-INDEX: 106; LEFT: 112px;
POSITION:absolu te; TOP: 24px" type="text" tabindex="1">
</form>
</body>

Server Error in 'name of app' Application.
------------------------------------------------------------------------
--------

A potentially dangerous Request.Form value was detected from the client
(RevisionHistor yTable=" <TABLE border=1 styl...").
Description: Request Validation has detected a potentially dangerous
client input value, and processing of the request has been aborted. This
value may indicate an attempt to compromise the security of your
application, such as a cross-site scripting attack. You can disable
request validation by setting validateRequest =false in the Page
directive or in the configuration section. However, it is strongly
recommended that your application explicitly check all inputs in this
case.

Exception Details: System.Web.Http RequestValidati onException: A
potentially dangerous Request.Form value was detected from the client
(RevisionHistor yTable=" <TABLE border=1 styl...").

Source Error:

An unhandled exception was generated during the execution of the current
web request. Information regarding the origin and location of the
exception can be identified using the exception stack trace below.

Stack Trace:
[HttpRequestVali dationException (0x80004005): A potentially dangerous
Request.Form value was detected from the client (RevisionHistor yTable="
<TABLE border=1 styl...").]
System.Web.Http Request.Validat eString(String s, String valueName,
String collectionName) +230

System.Web.Http Request.Validat eNameValueColle ction(NameValue Collection
nvc, String collectionName) +99
System.Web.Http Request.get_For m() +121
System.Web.UI.P age.GetCollecti onBasedOnMethod () +70
System.Web.UI.P age.DeterminePo stBackMode() +47
System.Web.UI.P age.ProcessRequ estMain() +2106
System.Web.UI.P age.ProcessRequ est() +218
System.Web.UI.P age.ProcessRequ est(HttpContext context) +18

System.Web.Call HandlerExecutio nStep.System.We b.HttpApplicati on+IExecutio
nStep.Execute() +179
System.Web.Http Application.Exe cuteStep(IExecu tionStep step, boolean&
completedSynchr onously) +87

------------------------------------------------------------------------
--------
Version Information: Microsoft .NET Framework Version:1.1.432 2.573;
ASP.NET Version:1.1.432 2.573

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Nov 17 '05 #1

Subscribe Reply

6464

Similar topics

2426

Request.Form error - idHidxml="<recordset><record>

by: Tom | last post by:

Hi I have an aspx page which has javascript to configure xmldata. I added breakpoint to the button method. When I click submit button, it did not go to those breakpoint and show the following error System.Web.HttpRequestValidationException (0x80004005) Detect the potential danger of Request.Form value from client side (idHidxml="<recordset><record><...") System.Web.HttpRequest.ValidateString(String s, String valueName, String...

C# / C Sharp

1820

"Unable to Validate Data"- System.Web.HTTPException

by: Peter O'Reilly | last post by:

I receive the following error when I post a webpage: "Unable to validate error" - System.Web.HTTPException. The web page is an ASP WebForm page. I have a few controls on the page that when selected (e.g. ASP.NET calendar control, HTML radio/option buttons), a postback occurs. In addition, I have a input button, that when clicked, initiates a HTTP Post Request. Notably the input button utilizes client side javascript to change the

ASP.NET

15883

validateRequest="false" not working in web.config or page directive

by: Tim Zych | last post by:

I'm trying to stop .Net from validating data entered into a textbox. When I enter < or > .Net returns an error: potentially dangerous Request.Form value was detected from the client... so a search on google indicates a couple of options: 1. Add validateRequest = "false" in the page directive. So I add it: <%@ Page Language="vb" AutoEventWireup="false" Codebehind="addcode.aspx.vb"

ASP.NET

1788

"Including" multiple files?

by: farmer | last post by:

I need "include" multiple classes from multiple files such as: <%@ Page Language="C#" Debug="true" ValidateRequest="false" Src="~/Auth/Pub/Auth.cs"%> <%@ Page Language="C#" Debug="true" ValidateRequest="false" Src="~/Edit/Item.cs"%> But the compile says can't use more than one "@Page" directive. Or,I need to "include" another class from a .cs into a currently .ascx using:

ASP.NET

2067

*WITHOUT* using: ValidateRequest="False" for the whole page (or my whole site)....

by: \A_Michigan_User\ | last post by:

*WITHOUT* using: ValidateRequest="False" for the whole page (or my whole site).... How would I trap/detect that a textBox contains some illegal characters? (I'm using asp.net v1.1 and vb.net) Thanks.

ASP.NET

2183

validateRequest ="false" for single control or on demand for page?

by: Edwin Knoppert | last post by:

My usercontrol posts some html code, asp.net complains and therefore i set validateRequest ="false" But i would like to set it for the single textbox and not the whole page or all pages. If this can not be done, can i set this flag on demand from code (from inside the usercontrol). ?

ASP.NET

3768

Theme="BasicBlue" where is it?

by: jobs | last post by:

I'm running vs2005 and asp.net framework 2.0 I thought adding the new preset them was just adding it to the directive: <%@ Page Language="VB" Theme="BasicBlue" AutoEventWireup="false" CodeFile="x.aspx.vb" Inherits="_Replicator" ValidateRequest="false" MaintainScrollPositionOnPostback="true" %> I'm getting:

ASP.NET

1004

ValidateRequest="false" and HttpUtility.UrlEncode(Doc.OuterXml)

by: CindyH | last post by:

Hi I'm using .net 2.0. I am receiving a http post that is sent httpUtility.urlencode(doc.Outerxml). Everything works fine and I can receive the post and parse it, but I need to set validaterequest="false" or the other side can't post to my side. Is setting validaterequest="false" the right way to go? Thanks, Cindy

ASP.NET

2162

httpUtility.urlencode(doc.Outerxml) and validaterequest="false"

by: CindyH | last post by:

Visual Basic .NET

9589

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...

General

10216

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...

C / C++

10049

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...

Online Marketing

9865

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...

General

7413

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...

Microsoft Access / VBA

5309

Trying to create a lan-to-lan vpn between two differents networks

by: TSSRALBI | last post by:

Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...

Networking - Hardware / Configuration

3965

transfer the data from one system to another through ip address

by: 6302768590 | last post by:

Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

C# / C Sharp

3565

How to add payments to a PHP MySQL app.

by: muto222 | last post by:

How can i add a mobile payment intergratation into php mysql website.

PHP

2815

Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy

by: bsmnconsultancy | last post by:

In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

General