Data Haunting

Easy Solutions Destination

By

A potentially dangerous request.form value was detected from the client error in Asp.net Web forms and MVC

I have faced A potentially dangerous request.form value was detected from the client error many times while working with CkEditor or by entering special character in Asp.net web forms and Asp.net MVC. Here I am explaining complete solutions step by step and also reason for this error.

Reason behind a potentially dangerous request.form error

When we use ckeditor or some other editor for providing Html tags and attributes for end user or entered special character than when we or end user submit the data at that time Asp.net Web form and Asp.net MVC Framework usually does not allow such Html tags, attributes and special character because it can be potentially harmful to our database. To overcome this situation we could apply following all solutions.

All possible solutions for a potentially dangerous request.form value was detected from the client error

  • Solution for Asp.net Web forms

  1. Set validateRequest false of the page directive of .aspx web forms
  2. For the particular web forms to overcome from this error, you can disable validateRequest by setting false in page directive in .aspx web forms.

  • Solutions for Asp.net MVC

  1. Use AllowHtml Attribute in your Model Property for particular element
  2. For the particular element like TextBox or TextAre we can apply AllowHtml Attribute to relative Model Property which is strongly typed with our element. Suppose our property name is “Description” which is used with ckeditor of TextArea’s element than we can use it as following way.

  3. Set ValidateInput attribute false for particular post Action method
  4. To allow special character and Ckeditor data for whole Action of Controller, we need to specify ValidateInput to false at our post method. Suppose our post action method name is “Index” than we can do it is as following way.

  • Common solutions in Web.config file

  1. Web.Config file set validateRequest to false and requestValidationMode to 2.0
  2. Last thing we have to change in web.confing file at httpRuntime inside system.web tag add requestValidationMode to 2.0 and in pages elements set or add validateRequest to false as given below.

By applying above all solutions we can overcome from this error.

Note – By applying above solutions we have possibility of vulnerable attacks to our page and database so you have to maximum try to avoid applying above solutions.

What is your opinion ?

Here I have explain all possible solutions for “A potentially dangerous request.form value was detected from the client error” in Asp.net Web form and Asp.net MVC. I hope it will be very useful to overcome from this error in web form and MVC and you will enjoy this solutions. If you have any query and question, you can comment or you can mail me.

2 Responses to A potentially dangerous request.form value was detected from the client error in Asp.net Web forms and MVC

  1. Surbhi says:

    it doesnt work if I want to insert 0 < character.

Leave a Reply