Tutorials
- ASP.NET
- C#
- C++
- Java
- JavaScript
- MySQL
- PHP
- Ruby
- SQL
- VB.NET
Code
How To
News
Pictures
Videos
Icons
Newsgroups

Building a C# Chat Client and Server

A step by step tutorial teaching you how to create your own chat client and chat server easily in C#, for local networks or the Internet.

in C# Programming Tutorials

Getting Hard Drive Information

A C# tutorial showing you how to make use of WMI to extract information on disk drives, such as model, capacity, sectors and serial number.

in C# Programming Tutorials

UPS Shipping Calculator

This tutorial will teach you how to calculate the shipping cost based on the weight, height, length and depth of the box, the distance and the UPS service type.

in PHP Programming Tutorials

Create Your Own Rich Text Editor

Creating a Rich Text Editor using JavaScript is easier to do than you might think, thanks to the support of modern browsers; this tutorial will walk you through it.

in JavaScript Programming Tutorials

Tutorials

Programming Tutorials

ActionScript (5)
ASP (7)
ASP.NET (28)
Assembly (1)
C (6)
C# (132)
C++ (33)
CSS (6)
General (4)
HTML (6)
Java (28)
JavaScript (38)
MySQL (2)
Objective C (1)
Pascal (1)
PHP (61)
Python (3)
Ruby (18)
Silverlight (1)
SQL (8)
VB.NET (5)
Visual Basic (3)

IT Jobs

From CareerBuilder

Geekpedia » ASP.NET Knowledge Base » A potentially dangerous Request.Form value was detected from the client

A potentially dangerous Request.Form value was detected from the client

On Saturday, June 3rd 2006 at 01:40 PM

By Andrew Pociu (View Profile)

(Rated 3.5 with 10 votes)

More ASP.NET Resources

If you are receiving the A potentially dangerous Request.Form value was detected from the client error while a PostBack occurs (submitting a form, for instance) it is most likely because in the PostBack content, there are HTML or HTML-like tags. This is ASP.NET's defense mechanism that prevents the users of a website to try and inject code into forms, as a way to hack into the websites.

To fix this, you can set the validateRequest attribute to false, either for the entire ASP.NET web application, or just for one page. To disable validateRequest for a single page, go to that page's Page attribute (located at the top of the markup), and set validateRequest to false, as you can see at the end of the example below:

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="SamplePage.aspx.cs" MasterPageFile="DefaultLayout.master" Inherits="Admin_SamplePage" ValidateRequest="false" %>

If you prefer to set this value for all the pages in your ASP.NET web application, open (or create) the web.config file and add the <pages validateRequest="false" /> tag inside the system.web tag, as shown in the example below:

<configuration>
  <system.web>
    <pages validateRequest="false" />
  </system.web>
</configuration>

Digg It!

Del.icio.us Reddit

StumbleIt

Newsvine

Furl

BlinkList

Rate this Knowledge Base article

Current Comments

by on Tuesday, June 27th 2006 at 12:36 PM

by jilu on Friday, July 21st 2006 at 01:21 PM

by on Friday, July 21st 2006 at 01:22 PM

<table id ="123" border ="2">
<tr>
<td> hello</td>
<td> programmers </td>
</tr>
</table>

by on Friday, July 21st 2006 at 01:24 PM

by on Thursday, August 10th 2006 at 01:29 PM

by blah on Wednesday, August 23rd 2006 at 12:39 PM

by <b>tae</b&g on Monday, February 12th 2007 at 11:08 PM

by Ric on Friday, February 23rd 2007 at 05:05 PM

Nice article

by jacobagbobli on Thursday, March 1st 2007 at 10:15 AM

thanks fo your approval

goodbye

by jacobagbobli on Thursday, March 1st 2007 at 10:18 AM

by LucifeR on Monday, June 18th 2007 at 07:51 AM

that\'s nice ... and i think most of us know that .. but i want a way to go around ValidateRequest from my page ... from the html page .. not from the asp page ..

by Sam on Thursday, July 5th 2007 at 03:59 AM

This is not a security way. Plz gve some useful ideas...THKS...........

by nitin on Tuesday, August 14th 2007 at 06:44 AM

thanks, this is what i was searching for long time.

by john on Thursday, September 6th 2007 at 04:11 PM

You're kidding, right? What a terrible answer. Use a regex validator to validate the textbox against a regular expression of available values - for instance, a description textbox - slap a regex in the validator and it'll check on postback.

by Vinay Mistry on Friday, September 14th 2007 at 08:41 AM

Thanks to all they help me to solve my ERROR.

Thank
Vinay Mistry

by gideon ntiri on Saturday, October 20th 2007 at 08:49 AM

thanks

by william arthur sowah on Thursday, November 8th 2007 at 04:44 AM

please send me free mobile phones. thanks.

by KORTEY ERNEST on Sunday, November 18th 2007 at 12:12 PM

please send me webcam

by Jimmy Hat on Monday, March 3rd 2008 at 06:35 PM

by abcd on Tuesday, April 15th 2008 at 01:56 AM

by basit osman on Saturday, April 19th 2008 at 08:54 AM

to camisco p.o. box 131 ashaiman ghana w/a thanks..............

by 3435 on Wednesday, April 23rd 2008 at 06:31 AM

<SCRIPT>alert(\"hello from script\")</SCRIPT>

by test on Thursday, November 13th 2008 at 05:32 PM

'or 1 select * from user

by Some Gal on Monday, December 1st 2008 at 05:41 PM

by JAjaj on Tuesday, December 2nd 2008 at 05:36 PM

by adsad on Wednesday, December 31st 2008 at 03:32 AM

<\br>

by Test on Wednesday, February 18th 2009 at 03:41 AM

<><>><><

by yyyy on Monday, March 9th 2009 at 07:57 AM

by yyyy on Monday, March 9th 2009 at 07:58 AM

by yyyy on Monday, March 9th 2009 at 07:58 AM

by > on Tuesday, April 7th 2009 at 04:07 AM

sdfdsfsd

by > on Tuesday, April 7th 2009 at 04:08 AM

sdfdsfsd

by > on Tuesday, April 7th 2009 at 04:08 AM

sdfdsfsd

by yyyy on Wednesday, April 29th 2009 at 11:20 AM

by georgeeshun on Tuesday, June 23rd 2009 at 03:30 PM