A potentially dangerous Request.Form value was detected from the client

MAC picture MAC · Jun 2, 2010 · Viewed 40.5k times · Source

I have one asp.net application, which has some problems while i am entering the special characters such as ": &#, " in the search box. If i enter this text in search box, i got the exception like this.

A potentially dangerous Request.Form value was detected from the client (txtValue=": &#, ").

then i searched on the net, i got one general solution for this that to set the validaterequest to false. But no changes has been made on my application. Please help me for solving this issue. Any response that would be appreciated.

Answer

marapet picture marapet · Jun 2, 2010

Add a web.config containing

<system.web>
    <pages validateRequest="false" />
</system.web>

to the directory with the page that has the form in question.

See http://www.asp.net/learn/whitepapers/request-validation for a complete description.

In case you use asp.net 4.0, you may try

<httpRuntime requestValidationMode="2.0" />

See also