-1

Net, I am getting an error saying

"A potentially dangerous Request.Form value was detected from the client" when I am entering a password with special characters "<" and ">" in it, I found some solutions on online saying add validrequest="false" and requestValidationMode="2.0" I did add both the statements in the web.config file and over the top of the page my web config looks like this

<system.web> <authorization> <allow roles="TARGET.DRP.ADMINS, TARGET.DRP.BUSINESS_ADMINS, TARGET.DRP.DEVICE_MNGRS, TARGET.DRP.USERS, TARGET.DRP.MANUFACTURERS"/> <deny users="?"/> </authorization> <httpRuntime requestValidationMode="2.0"/> <compilation debug="true"/> <pages validateRequest="false"/> </system.web>

And also this is showing up only if the password has "<" or ">" but if the password has both "<" and ">" it is working fine. Is there any way to resolve this.

Thank you..

Karthik
  • 115
  • 1
  • 12
  • You lost the bet.. though – Karthik Apr 09 '13 at 02:42
  • If you can read the question properly I clearly mentioned that I found some stuff saying validrequest="false" and requestValidationMode="2.0" and I also said I added both the statements... – Karthik Apr 17 '13 at 16:11

2 Answers2

1

If you're submiting the form with a GET it won't work unless you encode the values-

simple-thomas
  • 671
  • 7
  • 20
0

Place the validateRequest="false" on your web.config as:

<pages validateRequest="false" ... >

This make it work. After that you need to be careful what you render on your page and you have get from users input.

page element on msdn

Aristos
  • 66,005
  • 16
  • 114
  • 150