RSS
Welcome to IT Noobs Corner, your online source for basic and advanced computer tricks and tutorials made especially for noobies in computer / IT world.

ASP.NET: A potentially dangerous Request.Form value was detected from the client SOLUTION

Tuesday, August 13, 2013

I have a site hosted in GoDaddy, http://www.dragonflameasia.com. From this site, I created a dynamic web site that enables the web admin to upload photos, news item into their website through a backend site.



Now, every time I entered through the textbox with a break or Enter command, an error appears like this:


Now, here's the solution:

First, Check your version of .NET Framework. If your framework falls below 4.0, do the following items:

1.) Include the ValidateRequest="false" into your affected HTML file.

 
2.) Go to Web.Config. Include pages validateRequest="false" under .



3.) Now, on tinymce configuration, adjust the configuration into settings. It enables the textbox to become an XML version for security purposes.



4.) Also include the code HttpUtility.Htmlencode(txtcontent.Value) at the bottom below the
code.

5.) Now, to the code behind of the form. Upon saving the record, remember to parse or format the tinymce textbox by using Server.HtmlEncode function. Example like this:

strContent = Server.HtmlEncode(Me.txtContent.Text)

This will enables the record to be saved using HTML encoding to it's respective database.

6.) Now, to load the saved record, we shall use Server.HTMLDecode function. Example like this:

Me.txtContent.Text = Server.HtmlDecode(IIf(IsDBNull(oReader.GetValue(3)), "", oReader.GetValue(3)))

 








 
  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Posted by Unknown at 3:47 AM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)