Skip navigation
Menu
Software Development>Development Techniques and Management

How to overcome error "A Potentially dangerous Request.Form Value".

In order to avoid script injection attacks(where forms are used as a way that hackers tried to break in to Microsoft systems through applications. ) .NET has added strong monitoring to form data entry that will sniff out "potentially dangerous" strings entered via a form.Thats why special chars in forms will throw this error.To avoid this we need to do the following

Set the page directive

<%@ Page validateRequest="false"  %>

Secondly we need to HTMLencode all your form data . This way any seemingly dangerous characters that look like application code such as "<" or ">" will be converted to their harmless encoded values

Eg. server.HTMLEncode(text1.text)

 

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
Microsoft's GitHub offices
Microsoft’s AI Copilot Is Starting to Automate the Coding Industry
Apr 17, 2024
digital world map on warehouse background
How To Build an International Shipping Software System
Jan 30, 2024
artificial intelligence concept art
Top 10 AI Stories of 2023
Dec 19, 2023
Abstract technology concept lighting effect on dark blue background
Top 10 Stories About Compute Engines, Linux in 2023
Dec 18, 2023