Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Khai 71 posts 161 karma points
    May 01, 2013 @ 11:51
    Khai
    0

    Umbraco 6.02 MVC "A potentially dangerous Request.QueryString value was detected from the client"

    So I have a searchresult partial view in umbraco which gets it search keyword from a query string. ( the search has no controller ) But whenever I search with eg. "<t>" I get an server error with the warning A potentially dangerous Request.QueryString value was detected from the client. I googled for a while and found the following fixes in the web.config:

    - <httpRuntime requestValidationMode="2.0"/>

    - <pages enableEventValidation="false" validateRequest="false">

    However this does not work. My guess is the fixes works for asp.net forms and not for MVC. So I found this on a blog "[ValidateInput(false)]" however I guess this has to be added to an action of a controller, but like I said I don't have a controller. Has anyone any idea how to remove this validation in Umbraco MVC 6.02?

  • Sanoj Kumar 1 post 21 karma points
    Jun 26, 2013 @ 15:40
    Sanoj Kumar
    0

    Hi Khai,

    Did you get the solution to this problem.

     

     

  • Andreas Iseli 150 posts 427 karma points
    Jun 27, 2013 @ 10:09
    Andreas Iseli
    0

    You are right, normally that attribute must be added to the controll method (or even the AllowHtml attribute for a single property on a model class). But in your case try to unvalidate the form request values by accessing them directly over the form collection:

    Request.Unvalidated().Form["userInput"];

    http://msdn.microsoft.com/en-us/library/hh882339(v=vs.100).aspx

Please Sign in or register to post replies

Write your reply to:

Draft