By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,616 Members | 1,198 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,616 IT Pros & Developers. It's quick & easy.

validateRequest="false" not working in web.config or page directive

P: n/a
I'm trying to stop .Net from validating data entered into a textbox. When I
enter < or > .Net returns an error:

potentially dangerous Request.Form value was detected from the client...

so a search on google indicates a couple of options:

1. Add validateRequest = "false" in the page directive. So I add it:

<%@ Page Language="vb" AutoEventWireup="false" Codebehind="addcode.aspx.vb"
Inherits="codelib.addcode" validateRequest="false"%>

but I get the error:

The 'validateRequest' attribute is not supported by the 'page' directive.

2. or add <pages validateRequest="false" /> in system.web of the web.config
file:

but when I do that I get the error:

Parser Error Message: Unrecognized attribute 'validateRequest'.

I guess I cannot use either of these with .Net 2002, which I have. Is there
any way around the first error caused by entering "malicious" code?



Nov 18 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
Tim,

This functionality was introduced in version 1.1 of the .NET framework. See
http://msdn.microsoft.com/library/en...protection.asp
for a way to add similar functionality to a version 1.0 application.

HTH,
Nicole

"Tim Zych" <tzych@earth_noworms_link_dotttt.net> wrote in message
news:e4**************@TK2MSFTNGP09.phx.gbl...
I'm trying to stop .Net from validating data entered into a textbox. When
I
enter < or > .Net returns an error:

potentially dangerous Request.Form value was detected from the client...

so a search on google indicates a couple of options:

1. Add validateRequest = "false" in the page directive. So I add it:

<%@ Page Language="vb" AutoEventWireup="false"
Codebehind="addcode.aspx.vb"
Inherits="codelib.addcode" validateRequest="false"%>

but I get the error:

The 'validateRequest' attribute is not supported by the 'page' directive.

2. or add <pages validateRequest="false" /> in system.web of the
web.config
file:

but when I do that I get the error:

Parser Error Message: Unrecognized attribute 'validateRequest'.

I guess I cannot use either of these with .Net 2002, which I have. Is
there
any way around the first error caused by entering "malicious" code?


Nov 18 '05 #2

P: n/a
Thanks for the article. It's over my head but it gives me some good insight.

"Nicole Calinoiu" <ni*****@somewhere.net> wrote in message
news:#7*************@TK2MSFTNGP11.phx.gbl...
Tim,

This functionality was introduced in version 1.1 of the .NET framework. See http://msdn.microsoft.com/library/en...protection.asp for a way to add similar functionality to a version 1.0 application.

HTH,
Nicole

"Tim Zych" <tzych@earth_noworms_link_dotttt.net> wrote in message
news:e4**************@TK2MSFTNGP09.phx.gbl...
I'm trying to stop .Net from validating data entered into a textbox. When I
enter < or > .Net returns an error:

potentially dangerous Request.Form value was detected from the client...

so a search on google indicates a couple of options:

1. Add validateRequest = "false" in the page directive. So I add it:

<%@ Page Language="vb" AutoEventWireup="false"
Codebehind="addcode.aspx.vb"
Inherits="codelib.addcode" validateRequest="false"%>

but I get the error:

The 'validateRequest' attribute is not supported by the 'page' directive.
2. or add <pages validateRequest="false" /> in system.web of the
web.config
file:

but when I do that I get the error:

Parser Error Message: Unrecognized attribute 'validateRequest'.

I guess I cannot use either of these with .Net 2002, which I have. Is
there
any way around the first error caused by entering "malicious" code?



Nov 18 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.