What does requestValidationMode="2.0" actually do?

asp.net-mvc validation asp.net-mvc-3 asp.net-mvc-validation
Oren A picture Oren A · Jun 1, 2011 · Viewed 25.9k times · Source


I'm trying to solve a "A potentially dangerous Request.Form value was detected from the client" problem, and SO answers and Scott Hanselman recommend setting

<httpRuntime requestValidationMode="2.0" />

in Web.config (along with adding an attribute to problematic Methods).
I realize this changes the validation mode to ASP.NET 2.0's, but what does that mean?
And also, does this change has any side effects I should be aware of?

Thanks.

Answer

David d C e Freitas picture David d C e Freitas · Dec 7, 2011

Check out the description at MSDN's HttpRuntimeSection.RequestValidationMode Property.

2.0. Request validation is enabled only for pages, not for all HTTP requests. In addition, the request validation settings of the pages element (if any) in the configuration file or of the @ Page directive in an individual page are used to determine which page requests to validate.

Related questions

MaxLength Attribute not generating client-side validation attributes

I have a curious problem with ASP.NET MVC3 client-side validation. I have the following class: public class Instrument : BaseObject { public int Id { get; set; } [Required(ErrorMessage = "Name is required.")] [MaxLength(40, ErrorMessage = "Name cannot be longer than 40 characters.")] public string …

Read More
How to change 'data-val-number' message validation in MVC while it is generated by @Html helper

Assume this model: Public Class Detail ... <DisplayName("Custom DisplayName")> <Required(ErrorMessage:="Custom ErrorMessage")> Public Property PercentChange As Integer ... end class and the view: @Html.TextBoxFor(Function(m) m.PercentChange) will proceed this html: <input data-val="…

Read More
Disable client-side validation in MVC 3 "cancel" submit button

OK, been trying things for hours and could use some help. I'm trying to implement a page in MVC 3 that has "back" and "next" buttons. When the back button is clicked I want to disable client-side MVC validation from running …

Read More