2

this is the exception

System.Web.HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (ctl00$ContentPlaceHolder1$txtCodeFormate="<a href="%%strpath%%...").
   at System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection)
   at System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection)
   at System.Web.HttpRequest.get_Form()
   at System.Web.HttpRequest.get_HasForm()
   at System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull)
   at System.Web.UI.Page.DeterminePostBackMode()
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.ProcessRequest()
   at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
   at System.Web.UI.Page.ProcessRequest(HttpContext context)
   at ASP.ccadmin_cms_setup_aspx.ProcessRequest(HttpContext context)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Till now I've tried following options,

 <httpRuntime targetFramework="4.5" requestValidationMode="2.0" />
 <pages validateRequest="false" enableEventValidation="false"></pages>

FYI, its working fine in local, but when I deploy it on server its not working properly, Do I need to work on something at IIS ?

Mox Shah
  • 2,967
  • 2
  • 26
  • 42

1 Answers1

4

I believe your question with all options answered here.

Have you tried the following after you modify Web.config?

Option 1: On the model add this attribute to each property that you need to allow HTML - best choice

[AllowHtml]

Option 2: On the controller action add this attribute to allow all HTML

[ValidateInput(false)]
teo van kot
  • 12,350
  • 10
  • 38
  • 70
  • But this is ASP.NET web forms,How can I use this attributes in ASPX pages? – Mox Shah Nov 12 '14 at 07:22
  • Here [link](http://stackoverflow.com/a/16590834/1849444) they say the issue is that you using `targetFramework="4.5"`. Can you change to `4.0` and try again? Or this is signifisant for you to use `4.5`? – teo van kot Nov 12 '14 at 07:40
  • 1
    Nope, for one page, I cannot target whole application to 4.0 framework – Mox Shah Nov 12 '14 at 09:32