A potentially dangerous Request.Form value was detected from the client

A

amit

hi,

Can anyone tell me is there any other way to fix the problem listed in the
subject (its seen in some of the browsers),

I am right now

adding the following in the <system.web> block of web.config...

<pages validateRequest="false" />

Is there a security threat after we do this, if yes please let me know the
workaround,

regards,
AMIT PUROHIT
 
E

Eric Lawrence [MSFT]

Yes, there is a security threat to doing this if you're not careful what you
do with data submitted via forms. You need to make sure that it's safe for
whatever you use it for (e.g. save to SQL, display to user, etc).

See the book "Writing Secure Code" for more info.

--
Thanks,

Eric Lawrence
Program Manager
Assistance and Worldwide Services

This posting is provided "AS IS" with no warranties, and confers no rights.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

A potentially dangerous Request.Form value was detected from the client 2
A potentially dangerous Request.Form value was detected... 0
A potentially dangerous Request.Form value was detected from the client 5
potentially dangerous Request.Form value was detected 2
Potentially dangerous Request.Form value for Cancel button Click 1
A potentially dangerous Request.Form value was detected from the client 2
Localization and Potentially Dangerous Request.Form Values 1
A potentially dangerous querystring ... [ValidateRequest] 5

Members online

Total: 29 (members: 1, guests: 28)
Robots: 202

Forum statistics

Threads
473,767
Messages
2,569,570
Members
45,045
Latest member
DRCM

Latest Threads

Top