But unfortunately when I do a postback with a content, I get an error said potentially dangerous from Request.Form.
What is the best way to solve the problems ?
Is it save to do this ?validateRequest="false"
Thanks for your help
----
A potentially dangerous Request.Form value was detected
from the client
(ctl00$body$txtLongDescription="<p><strong>asdasdasd...").
Description: Request Validation has detected a
potentially dangerous client input value, and processing of the request
has been aborted. This value may indicate an attempt to compromise the
security of your application, such as a cross-site scripting attack. To
allow pages to override application request validation settings, set
the requestValidationMode attribute in the httpRuntime configuration
section to requestValidationMode="2.0". Example: <httpRuntime
requestValidationMode="2.0" />. After setting this value, you can
then disable request validation by setting validateRequest="false" in
the Page directive or in the <pages> configuration section.
However, it is strongly recommended that your application explicitly
check all inputs in this case. For more information, see
http://go.microsoft.com/fwlink/?LinkId=153133.
Tiny MCE 3 Control from Umbraco.EditorControl
HI all,
I need to use a Rich text box control.
So I took it from Umbraco.EditorControls/TinyMCE3/
<%@ Register TagPrefix="umb" Namespace="umbraco.editorControls.tinyMCE3.webcontrol"
Assembly="umbraco.editorControls" %>
But unfortunately when I do a postback with a content, I get an error said potentially dangerous from Request.Form.
What is the best way to solve the problems ?
Is it save to do this ? validateRequest="false"
Thanks for your help
----
A potentially dangerous Request.Form value was detected from the client (ctl00$body$txtLongDescription="<p><strong>asdasdasd...").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0". Example: <httpRuntime requestValidationMode="2.0" />. After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the <pages> configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133.What are you using this for? If you need to use it on a page for a custom section you can also add the datatype to your custom section. See this topic: http://our.umbraco.org/forum/developers/extending-umbraco/6863-Datatype-on-normal-page-or-UserControl.
If you want to use the TinyMCe editor on a custom datatype I've created a package which also does this: http://our.umbraco.org/projects/backoffice-extensions/digibiz-email-form-with-tinymce.
I think using validateRequest="false" is fine.
Jeroen
I need it for my custom edit page
i don't like using data type because i won't it to have multi tinymce in single tab.
btw if u are using data type, do u still need to disable validation request?
is umbraco edit page by default turn off their validation request?
is working on a reply...