Problem in Accepting Xml Data in TextBox

Discussion in 'ASP .Net' started by Sandeep Singh Sekhon, Jul 6, 2006.

  1. I am Developing a Web Application in ASP.NET 1.1 with C#.
    I want to accept Xml Data with proper tags through Text Box in my page.
    But when I press Submit Button to upload the data, it gives me the
    following Error


    > Server Error in '/' Application.
    > --------------------------------------------------------------------------------
    >
    > A potentially dangerous Request.Form value was detected from the client (TextBox1="<Property><Propertie...").
    > Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.
    >
    > Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (TextBox1="<Property><Propertie...").
    >
    > Source Error:
    >
    > An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
    >
    > Stack Trace:
    >
    >
    > [HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (TextBox1="<Property><Propertie...").]
    > System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName)
    > System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName) +99
    > System.Web.HttpRequest.get_Form() +113
    > System.Web.UI.Page.GetCollectionBasedOnMethod() +69
    > System.Web.UI.Page.DeterminePostBackMode() +47
    > System.Web.UI.Page.ProcessRequestMain() +2106
    > System.Web.UI.Page.ProcessRequest() +218
    > System.Web.UI.Page.ProcessRequest(HttpContext context) +18
    > System.Web.CallHandlerExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute() +179
    > System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +87
    >
    >
    >
    >
    > --------------------------------------------------------------------------------
    > Version Information: Microsoft .NET Framework Version:1.1.4322.573; ASP.NET Version:1.1.4322.573




    Please help me. Thanks in advance.


    Regards,
    Sandeep Singh Sekhon
    Sandeep Singh Sekhon, Jul 6, 2006
    #1
    1. Advertising

  2. Hi,

    Thank you for your post.

    ASP.NET 1.1 added the ValidateRequest attribute to protect your site from
    cross-site scripting. For more information on cross-site scripting, you can
    refer to following article:

    #Cross-site scripting
    http://en.wikipedia.org/wiki/Cross_site_scripting

    By default, request validation is enabled in Machine.config. You can turn
    off this feature in web.config:

    <system.web>
    <pages validateRequest="false" />
    </system.web>

    Or you can disable request validation on a page-by-page basis:

    <%@ Page Language="C#" ValidateRequest="false" %>

    Hope this helps. Please feel free to post here if anything is unclear.

    Regards,
    Walter Wang (, remove 'online.')
    Microsoft Online Community Support

    ==================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    ==================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
    Walter Wang [MSFT], Jul 6, 2006
    #2
    1. Advertising

  3. Walter Wang [MSFT] wrote:
    > Hi,
    >
    > Thank you for your post.
    >
    > ASP.NET 1.1 added the ValidateRequest attribute to protect your site from
    > cross-site scripting. For more information on cross-site scripting, you can
    > refer to following article:
    >
    > #Cross-site scripting
    > http://en.wikipedia.org/wiki/Cross_site_scripting
    >
    > By default, request validation is enabled in Machine.config. You can turn
    > off this feature in web.config:
    >
    > <system.web>
    > <pages validateRequest="false" />
    > </system.web>
    >
    > Or you can disable request validation on a page-by-page basis:
    >
    > <%@ Page Language="C#" ValidateRequest="false" %>
    >
    > Hope this helps. Please feel free to post here if anything is unclear.
    >
    > Regards,
    > Walter Wang (, remove 'online.')
    > Microsoft Online Community Support
    >
    > ==================================================
    > When responding to posts, please "Reply to Group" via your newsreader so
    > that others may learn and benefit from your issue.
    > ==================================================
    >
    > This posting is provided "AS IS" with no warranties, and confers no rights.
    >

    Thanks Wang for your reply. My Application now works with your solution.

    Regards,
    Sandeep
    Sandeep Singh Sekhon, Jul 7, 2006
    #3
  4. Hi Sandeep,

    Appreciate your update and response. I am glad to hear that the problem has
    been fixed. If you have any other questions or concerns, please do not
    hesitate to contact us. It is always our pleasure to be of assistance.

    Have a nice day!

    Regards,
    Walter Wang (, remove 'online.')
    Microsoft Online Community Support

    ==================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    ==================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
    Walter Wang [MSFT], Jul 7, 2006
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Bogdan Zamfir

    Accepting date in Webform textbox

    Bogdan Zamfir, Aug 18, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    331
    Bogdan Zamfir
    Aug 18, 2003
  2. =?Utf-8?B?dGhlIGZyaWVuZGx5IGRpc3BsYXkgbmFtZQ==?=

    Accepting certain tags in a textbox

    =?Utf-8?B?dGhlIGZyaWVuZGx5IGRpc3BsYXkgbmFtZQ==?=, Nov 8, 2005, in forum: ASP .Net
    Replies:
    2
    Views:
    522
    Patrick.O.Ige
    Nov 8, 2005
  3. teo
    Replies:
    1
    Views:
    2,457
    Steve C. Orr [MVP, MCSD]
    Jul 16, 2006
  4. Mad Bull
    Replies:
    3
    Views:
    370
    Rob Meade
    Jul 20, 2006
  5. radhakrishnan

    TextBox accepting only numeric values(ASP.net)

    radhakrishnan, Feb 5, 2004, in forum: ASP .Net Web Controls
    Replies:
    1
    Views:
    182
Loading...

Share This Page