Re: Error in request
From: Victor Garcia Aprea [MVP] (vga@NOobiesSPAM.com)
Date: 04/23/03
- Previous message: Victor Garcia Aprea [MVP]: "Re: Error"
- In reply to: Tobe: "Error in request"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Victor Garcia Aprea [MVP]" <vga@NOobiesSPAM.com> Date: Tue, 22 Apr 2003 20:54:41 -0300
Hi Tobe,
Please browse back a few threads for one named "Error" by Ashok on 4/14,
where we're discussing what this exception means and how/when to
enable/disable this new 1.1 feature.
-- Victor Garcia Aprea Microsoft MVP | ASP.NET "Tobe" <tobep@vantagecontrols.com> wrote in message news:005401c30757$1a023f90$a101280a@phx.gbl... > My Webhosting service (brinkster) told me that there is a > bug in ASP.NET which causes blank pages to come up with > more complex pages with a lot of EnableViewState=true. > > So I disabled the viewstate on the majority of the > controls, but now I am getting another error, a security > error, as I am trying to read the 'request' for these > controls. The error is: > > "A potentially dangerous Request.Form value was detected > from the client (target0="<CENTER><BIG><BIG>LA..."). " > > It tells me what I can do to allow a bypass of this > security feature (as you can see in the description > section below. It says that I can "can disable request > validation by setting validateRequest=false in the Page > directive" But when I use the validateRequest=false in > the page directive, I get another error saying > that "The 'validateRequest' attribute is not supported by > the 'page' directive." > > What is the proper way to bypass this security feature. I > need to get this application on-line as soon as possible. > > Thanks. > tlp > > > > > Description: Request Validation has detected a potentially > dangerous client input value, and processing of the > request has been aborted. This value may indicate an > attempt to compromise the security of your application, > such as a cross-site scripting attack. You can disable > request validation by setting validateRequest=false in the > Page directive or in the configuration section. However, > it is strongly recommended that your application > explicitly check all inputs in this case. > > Exception Details: > System.Web.HttpRequestValidationException: A potentially > dangerous Request.Form value was detected from the client > (target0="<CENTER><BIG><BIG>LA..."). > >
- Previous message: Victor Garcia Aprea [MVP]: "Re: Error"
- In reply to: Tobe: "Error in request"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
