9

I'm looking for a bit of help as this is now driving me crazy.

I have a tinyMCE text editor on my page which is populated with content which is already stored in the database as html.

eg. <p>first paragraph</p> <p>second paragraph</p> etc, etc with no problems there.

but when I make a change in the editor and then try to update the content in the database I get the error potentially dangerous request.form value was detected from the client

I made all the recommended changes in the web.config

  • requestvalidationmode="2.0"
  • validaterequest="false"

But still get the potentially dangerous request.form value was detected from the client error. This is happening in .NET 4.0 any help/advice would be great.

Luke Girvin
  • 13,221
  • 9
  • 64
  • 84
Tom Maton
  • 1,564
  • 3
  • 23
  • 41

4 Answers4

7

I wouldn't even try to enable this on a site-wide level in the web.config file - just do it per page, when you know specifically input data is safe:

<%@ Page ... ValidateRequest="false" %>

You can use an Umbraco control exposed specifically for this purpose from within a Template as such:

<umbraco:DisableRequestValidation runat="server" />
Grant Thomas
  • 44,454
  • 10
  • 85
  • 129
5

You have to post the section of web.config,

It should be,

<system.web>
    <compilation debug="true" targetFramework="4.0" />
    <httpRuntime requestValidationMode="2.0" />
</system.web>
KV Prajapati
  • 93,659
  • 19
  • 148
  • 186
3

There was similar topic already.

ValidateRequest="false" doesn't work in Asp.Net 4

Hope this will help.

Community
  • 1
  • 1
Assassin
  • 1,296
  • 2
  • 14
  • 17
1

Add this line in your web.config file.

  <pages  validateRequest="false"></pages>
Aarif
  • 1,595
  • 3
  • 17
  • 29
user3404686
  • 131
  • 2
  • 10