1

In my database table I have one column with the name ActionName.

This ActionName may contain action name with query string or without it.

I have a value like this: Customer?Start=New

In View I have actionlink which is using this model column.

When I click on this link, it gives error:

A potentially dangerous Request.QueryString value was detected from the client(?)

I tried using attribute [ValidateInput(false)] in action method and also [AllowHTML] in model, but still this error is shown.

How to safely pass query string parameter from database?

RKh
  • 13,818
  • 46
  • 152
  • 265
  • 1
    Can we see the code for the ActionLink and any relevant information from your controller action – Luke Jun 03 '15 at 11:52
  • possible duplicate of [A potentially dangerous Request.QueryString value was detected from the client when sending html markup from jquery post call to asp.net page](http://stackoverflow.com/questions/3885697/a-potentially-dangerous-request-querystring-value-was-detected-from-the-client-w) – puddinman13 Jun 03 '15 at 19:40
  • Please see these articles: http://stackoverflow.com/questions/3885697/a-potentially-dangerous-request-querystring-value-was-detected-from-the-client-w AND http://stackoverflow.com/questions/20009815/a-potentially-dangerous-request-querystring-value-was-detected-from-the-client – puddinman13 Jun 03 '15 at 19:40

0 Answers0