get off : "A potentially dangerous Request.Form value was detected ..."

how may I stop this to show up ....?

Thank you very much for any help!

Fabian

 

 

Server Error in '/instat4' Application.

A potentially dangerous Request.Form value was detected from the client (myTextBox_consumptionCommentary="<sfqsdf").

Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (myTextBox_consumptionCommentary="<sfqsdf").

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (myTextBox_consumptionCommentary="<sfqsdf").]
   System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName)
   System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName)
   System.Web.HttpRequest.get_Form() +113
   System.Web.UI.Page.GetCollectionBasedOnMethod()
   System.Web.UI.Page.DeterminePostBackMode()
   System.Web.UI.Page.ProcessRequestMain()
   System.Web.UI.Page.ProcessRequest()
   System.Web.UI.Page.ProcessRequest(HttpContext context)
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute()
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)


Version Information: Microsoft .NET Framework Version:1.1.4322.573; ASP.NET Version:1.1.4322.573



0
fabianus76
6/16/2005 5:44:09 PM
asp.net.getting-started 91979 articles. 4 followers. Follow

5 Replies
622 Views

Similar Articles

[PageSpeed] 32

All what you need is read this article:
Request Validation - Preventing Script Attacks

Regards


Bilal Hadiar, MCP, MCTS, MCPD, MCT
Microsoft MVP - Telerik MVP
0
haidar_bilal
6/16/2005 6:49:29 PM
Hello haidar_bilal, 

Thank you very much for this adivce !

Regards,
Fabian



0
fabianus76
6/16/2005 7:18:34 PM
hi, 

Try including

<code>
<system.web>
....
<pages validateRequest="false" />

....
</code>

Hope it helps
Shahram


0
shahramk
6/16/2005 7:41:32 PM
Hello 
														shahramk, 

thank you for your help!

Fabian


0
fabianus76
6/16/2005 9:22:23 PM

You are welcome.

This is an important issue while securing your web application. Make sure to have a look at SQL Injection too.

Best of luck.

 

Regards


Bilal Hadiar, MCP, MCTS, MCPD, MCT
Microsoft MVP - Telerik MVP
0
haidar_bilal
6/17/2005 8:41:31 AM
Reply: