Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Spyros Spyriadis 46 posts 70 karma points
    Mar 04, 2012 @ 23:48
    Spyros Spyriadis
    0

    Umbraco v5 - A potentially dangerous Request.Form

     

    I am trying to post a form on umbraco v5 from one page to another and I keep getting the error below. I have checked that the web.config is correct.

    Doing a google search i found that this is a problem of MVC and it cannot be configured from the web.config and the only thing that can be done is this: http://coderjournal.com/2009/02/potentially-dangerous-requestform-detected-aspnet-mvc/

    Any ideas how I could overcome this problem?

    A potentially dangerous Request.Form value was detected from the client (data="<input>").

    Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0". Example: <httpRuntime requestValidationMode="2.0" />. After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the <pages> configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133. ;

    Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (data="<input>").

     

  • Spyros Spyriadis 46 posts 70 karma points
    Mar 05, 2012 @ 18:24
    Spyros Spyriadis
    0

    Is there any way to add this for a template?  It is required by MVC to bypass the validation of a form post...

    [Post,ValidateInput(false)]
    publicActionResultEdit(string message){
       
    ...
    }
  • Spyros Spyriadis 46 posts 70 karma points
    Mar 06, 2012 @ 09:13
    Spyros Spyriadis
    0

    Ok let's say I create a SurfaceController how would I call this directly from ajax (jquery) is there any path (URL) that I can use afretwards? Or should I create a Template just to create a URL?

Please Sign in or register to post replies

Write your reply to:

Draft