Yes if the sender is sending data across the wire that is potentially
dangerous and you are aware of that fact , with a hughe XML file with lots
of data it is not so strange that one of the words or tag combinations is in
the list that raises the exception,
Request validation is performed by comparing all input data to a list of
potentially dangerous values. If a match occurs, ASP.NET raises an
HttpRequestValidationException.
note that you can set this property on page level instead of only the
web.config
with
pagesSection.ValidateRequest = False
or
<%@ Page validateRequest="false" %>
However if i were you i would encapsulate the posted data in a validation
object before i would process it anny further ( before you now it some
script kiddy finds the page and tries to execute some harmfull stuff
:-) )
HTH
Michel Posseth [MCP]
"CindyH" <ch*******@new.rr.comschreef in bericht
news:ex**************@TK2MSFTNGP04.phx.gbl...
Hi
I'm using .net 2.0.
I am receiving a http post that is sent
httpUtility.urlencode(doc.Outerxml).
Everything works fine and I can receive the post and parse it, but I need
to set validaterequest="false" or the other side can't post to my side.
Is setting validaterequest="false" the right way to go?
Thanks,
Cindy
