ASP.NET MVC – pages validateRequest=false doesn’t work?

In ASP.NET MVC you get the following error after entering some script of HTML like content into a textbox:

A potentially dangerous Request.Form value was detected from the client

The runtime throws an error if you try and enter script or HTML like content in the form.

I wanted to turn this off so that I could go through an example video which required that the form would allow the submission of the content. I changed the web.config file… then i checked the other web.config file in the Views | Shared folder, and the pages element’s validateRequest attribute was already set to false. Neither of these settings work.

Turning off validation can be done by applying the ValidateInput attribute to the top of the Action Method with false as the boolean parameter as shown below:

[ValidateInput(false)]
public ActionResult AddEntry(string feedback) {
    :
}

That will prevent the runtime form validating your form input for the given action…Of course you have to apply this to every Action Method that you create.

Not too hard… It is up to you to know what you are doing after this of course!

:o)

About these ads

2 Responses to “ASP.NET MVC – pages validateRequest=false doesn’t work?”

  1. ASP.NET MVC Archived Blog Posts, Page 1 Says:

    [...] to VoteASP.NET MVC – pages validateRequest=false doesn't work? (6/21/2009)Sunday, June 21, 2009 from jwwishart.wordpress.comIn ASP. NET MVC you get the following error after [...]

  2. A potentially dangerous Request.Form value was detected from the client in ASP.NET WebForms and MVC « Randomos Technos Says:

    [...] that I also have an entry on the MVC attribute here which discusses this attribute a little more. I think it needs updating though Posted in [...]


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: