3

I am developing a web application based on ASP.NET 4.0 and having some few pages with potential dangerous request(having markup codes).

So instead of setting RequestValidationMode="2.0" in web.config, can I set that property only for those few pages?

user1118064
  • 107
  • 2
  • 7

2 Answers2

8

Answer hidden somewhere in msdn, hope this helps you too.. Better late then never Try this,

<location path="test.aspx">
<system.web>
<httpRuntime requestValidationMode="2.0" />
</system.web>
</location>

Reference

http://msdn.microsoft.com/en-us/library/hh882339(v=vs.100).aspx

Arjun Shetty
  • 1,575
  • 1
  • 15
  • 36
0

for avoiding this error: potentially dangerous request.form value was detected from the client.

you can use page level property : <%@ Page ... ValidateRequest="false" %>

Ashwini Verma
  • 7,477
  • 6
  • 36
  • 56
  • Yer.Already Used this directive ValidateRequest="false" in page. But it seems not working for .Net4.0 applications. So the suggestion was use in web.config. And then it works fine. But when set this property it applies not only that page but for all HTTP requests. – user1118064 Mar 21 '13 at 11:19
  • have you gone through this link there similar issue is raised: http://stackoverflow.com/questions/2673850/validaterequest-false-doesnt-work-in-asp-net-4 – Ashwini Verma Mar 21 '13 at 12:06
  • I went through that link and it is also mentioned use in web.config file. Actually I am looking for a way to add this property only for few pages(Either run-time code-behind or page-level). not for all HTTP requests. If any possibilities please update. Thanks. – user1118064 Mar 22 '13 at 06:07