How to solve this problem?

Discussion in 'ASP .Net' started by =?Utf-8?B?QW5kcmV3?=, Jan 3, 2006.

  1. Happy new year, friends,

    When I tested my asp.net app with a new set of data, I got the following
    error:

    A potentially dangerous Request.Form value was detected from the client
    (TEXTAREA1="...Request = <bitMapMessage type=...").

    Description: Request Validation has detected a potentially dangerous client
    input value, and processing of the request has been aborted. This value may
    indicate an attempt to compromise the security of your application, such as a
    cross-site scripting attack. You can disable request validation by setting
    validateRequest=false in the Page directive or in the configuration section.
    However, it is strongly recommended that your application explicitly check
    all inputs in this case.

    But, I knew it was just our input text of a TextArea1 box which are
    accidently in xml format: e.g. XML Request = <bitMapMessage
    type=0100><acceptorID>......

    How can I let my app accept such kind of input info?

    Thanks a lot.
    =?Utf-8?B?QW5kcmV3?=, Jan 3, 2006
    #1
    1. Advertising

  2. Convert the string using HTMLEncode? That would be the first direction I
    would look.

    --
    Gregory A. Beamer
    MVP; MCP: +I, SE, SD, DBA

    ***************************
    Think Outside the Box!
    ***************************


    "Andrew" wrote:

    > Happy new year, friends,
    >
    > When I tested my asp.net app with a new set of data, I got the following
    > error:
    >
    > A potentially dangerous Request.Form value was detected from the client
    > (TEXTAREA1="...Request = <bitMapMessage type=...").
    >
    > Description: Request Validation has detected a potentially dangerous client
    > input value, and processing of the request has been aborted. This value may
    > indicate an attempt to compromise the security of your application, such as a
    > cross-site scripting attack. You can disable request validation by setting
    > validateRequest=false in the Page directive or in the configuration section.
    > However, it is strongly recommended that your application explicitly check
    > all inputs in this case.
    >
    > But, I knew it was just our input text of a TextArea1 box which are
    > accidently in xml format: e.g. XML Request = <bitMapMessage
    > type=0100><acceptorID>......
    >
    > How can I let my app accept such kind of input info?
    >
    > Thanks a lot.
    >
    =?Utf-8?B?Q293Ym95IChHcmVnb3J5IEEuIEJlYW1lcikgLSBN, Jan 3, 2006
    #2
    1. Advertising

  3. they are really TextArea1.Value pasted by copy/paste memus...

    do you mean I should use HTMLEncode before submit?

    "Cowboy (Gregory A. Beamer) - MVP" wrote:

    > Convert the string using HTMLEncode? That would be the first direction I
    > would look.
    >
    > --
    > Gregory A. Beamer
    > MVP; MCP: +I, SE, SD, DBA
    >
    > ***************************
    > Think Outside the Box!
    > ***************************
    >
    >
    > "Andrew" wrote:
    >
    > > Happy new year, friends,
    > >
    > > When I tested my asp.net app with a new set of data, I got the following
    > > error:
    > >
    > > A potentially dangerous Request.Form value was detected from the client
    > > (TEXTAREA1="...Request = <bitMapMessage type=...").
    > >
    > > Description: Request Validation has detected a potentially dangerous client
    > > input value, and processing of the request has been aborted. This value may
    > > indicate an attempt to compromise the security of your application, such as a
    > > cross-site scripting attack. You can disable request validation by setting
    > > validateRequest=false in the Page directive or in the configuration section.
    > > However, it is strongly recommended that your application explicitly check
    > > all inputs in this case.
    > >
    > > But, I knew it was just our input text of a TextArea1 box which are
    > > accidently in xml format: e.g. XML Request = <bitMapMessage
    > > type=0100><acceptorID>......
    > >
    > > How can I let my app accept such kind of input info?
    > >
    > > Thanks a lot.
    > >
    =?Utf-8?B?QW5kcmV3?=, Jan 3, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. tony

    how to solve file.copy problem

    tony, Aug 23, 2004, in forum: ASP .Net
    Replies:
    3
    Views:
    3,812
    Raghavendra T V
    Aug 26, 2004
  2. Ricardo Matos

    Re: solve IIS limit to 10 connections problem

    Ricardo Matos, Jul 18, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    1,215
    Ricardo Matos
    Jul 18, 2003
  3. Andreas Klemt
    Replies:
    0
    Views:
    437
    Andreas Klemt
    Oct 16, 2003
  4. Miguel Dias Moura
    Replies:
    0
    Views:
    391
    Miguel Dias Moura
    Apr 2, 2004
  5. Miguel Dias Moura
    Replies:
    2
    Views:
    348
    Miguel Dias Moura
    Jun 19, 2004
Loading...

Share This Page