开发者

"potentially dangerous Request.Form value ..." -- mvc 2, .net 4.0

开发者 https://www.devze.com 2023-01-03 09:53 出处：网络

I am trying t开发者_如何学Goo set up input validation using regular expressions, but I keep getting this error when I enter \"<test>\" in a textbox:

相关专题：asp.net-4.0 asp.net-mvc-2 validation

I am trying t开发者_如何学Goo set up input validation using regular expressions, but I keep getting this error when I enter "<test>" in a textbox:

A potentially dangerous Request.Form value was detected from the client

I have this in the web.config:

<system.web>
    <httpRuntime requestValidationMode="2.0" />

I also have this in the web.config:

<system.web>
    <pages controlRenderingCompatibilityVersion="3.5" 
              clientIDMode="AutoID" 
               validateRequest="false">
              ...
              </pages>

and I have this in the page directive of the view in question:

ValidateRequest="false"

Nothing seems to help. I have seen this question on this site and usually the posters leave out the httpRuntime tag in the web.config ... but I have included that and I still get the exception. Any ideas?

OK, I found the answer: [ValidateInput(false)] before the controller or action code! (I didn't go far enough in reading previous questions!)