New Custom Section and "A potentially dangerous Request.Form value was detected" error
I have an issue with umbraco 4.7 where I have created an new custom section which has an Iframe that shows an existing system that manages the content for the header of my web site.
This existing system that sits in my Iframe is called using a server side (HttpWebRequest)WebRequest.Create and injectd the content onto my custom page that I have created under an umbracoReservedPaths so that umbraco treats this like a stand alone application and I can put my css over it.
Every time I press submit on the page that has the HTML that I would like in the header of my website, the website returns this error "A potentially dangerous Request.Form value was detected". Basically ASP.net is not allowing the form variables through because it contains HTML which could be potential malicious. So my existing header cms never gets called.
I did a search on this issue and found some solutions none of which have worked. The main one incluedes turning validate request off which I have tried to do at the webconfig level and the page level but none of which works.
New Custom Section and "A potentially dangerous Request.Form value was detected" error
I have an issue with umbraco 4.7 where I have created an new custom section which has an Iframe that shows an existing system that manages the content for the header of my web site.
This existing system that sits in my Iframe is called using a server side (HttpWebRequest)WebRequest.Create and injectd the content onto my custom page that I have created under an umbracoReservedPaths so that umbraco treats this like a stand alone application and I can put my css over it.
Every time I press submit on the page that has the HTML that I would like in the header of my website, the website returns this error "A potentially dangerous Request.Form value was detected". Basically ASP.net is not allowing the form variables through because it contains HTML which could be potential malicious. So my existing header cms never gets called.
I did a search on this issue and found some solutions none of which have worked. The main one incluedes turning validate request off which I have tried to do at the webconfig level and the page level but none of which works.
Page level:
<%@ Page validateRequest="false" %>
Web.config level:
<configuration>
<system.web>
<pages validateRequest="false" />
</system.web>
</configuration>
I have even tried setting it in the Page_Init but still not joy
protected void Page_Init(object sender, EventArgs e)
{
try
{
((umbraco.UmbracoDefault)this.Page).ValidateRequest = false;
}
catch { }
}
How do I stop my page from validating the form variables
Hi Dino
Don't know if this works, but something in the back of my mind tells me you should try this.
Have you set the requestvalidationmode attribute to 2.0 on the httpruntime element in the web.config?
Like this: <httpruntime requestvalidationmode="2.0" />
/Jan
I fixed it by adding the line below to the template
<umbraco:DisableRequestValidation runat="server"/>
Hi Dino
Thanks for sharing the solution - I was not aware the above was possible :)
/Jan
is working on a reply...