|
Turning off 'A potentially dangerous Request.Form value was detected from the client' (ASP.Net) |
|
|
Written by: Justin Rich
Turning off 'A potentially dangerous Request.Form value was detected from the client'This error occurs when a text box is submitting characters that can potentially be used to hack your database or your ASP.Net program. Injection attacks occur when the program doesn't properly handle the inbound text, removing the potentially dangerous commands before trying to query a database or execute scripts. With ASP.Net, Microsoft automatically built in some protection to help stop the injection attacks by automatically making your pages validate the string fields first. To turn this off, you have to go to the .aspx page and at the very top, find the page directive. It should look like this:
<%@ Page Language="vb" AutoEventWireup="false" Codebehind="myPage.aspx.vb" Inherits="namespace.myPage"%>
To turn off the validation, you will need to add this code to any part of the Page directive:
ValidateRequest="false"
And your final page directive should look like this:
<%@ Page Language="vb" AutoEventWireup="false" Codebehind="myPage.aspx.vb" Inherits="namespace.myPage" ValidateRequest="false"%>
If you're using C#, it will look slightly different in the Language & Codebehind items, but essentially the same. Still just needs the ValidateRequest set to false. |
|
|
|
|
|