less than 1 minute read

So you have upgraded a web application from .NET 2.0 to .NET 4.0 or higher and now you are getting errors that say there is a potentially dangerous request.:

System.Web.HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (ctl00$Body$ucSettings$tbText="<Settings><TypeID>10...").
at System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection)
at System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection)

And you specifically allow <> tags in your control by setting the ValidateRequest=”false” on the page? Well this would be because a change in .NET 4.0 makes it so this settings isn’t enough. Now you have to add the following to the web.config to revert Request Validation back to 2.0:

<system.web>
     <httpRuntime requestValidationMode="2.0" />
</system.web>

Remember not to duplicate your tags. If you want to do this just for a specific page you can also do this:

<location path="[PageRequiring].aspx">
     <system.web>
         <httpRuntime requestValidationMode="2.0" />
     </system.web>
</location>

Remember though, that if you disable Request Validation, you should have some other means programmed in to validate the incoming data.

You may also enjoy

Welcome to Jekyll!

less than 1 minute read

You’ll find this post in your _posts directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different wa...

Enabling CORS with WebAPI

less than 1 minute read

One common problem with WebAPI is when you have cross domain requests coming in and the browser will reject the request since the server does not send the ap...

Mirror your Kindle Fire to your SmartTV

1 minute read

Mirroring allows you to send your screen and audio to the TV. We have used this for a few reasons. Sometimes my kids like to watch me play a few games so we ...