Everytime a user posts something containing < or > in a page in webapp, you will get this exception thrown.
so for this issue you need to Put
1. validateRequest="false" in your page directive or web.config file.
The .NET framework is throwing up an error because it detected something in the entered text which looks like an HTML statement. The text doesn't need to contain valid HTML, just anything with opening and closing angled brackets ("<...>").
The reason behind the error is as a security precaution. Developers need to be aware that users might try to inject HTML (or even a script) into a text box which may affect how the form is rendered. For further details see www.asp.net/learn/whitepapers/request-validation/.
In your web.config file
so for this issue you need to Put
1. validateRequest="false" in your page directive or web.config file.
The .NET framework is throwing up an error because it detected something in the entered text which looks like an HTML statement. The text doesn't need to contain valid HTML, just anything with opening and closing angled brackets ("<...>").
The reason behind the error is as a security precaution. Developers need to be aware that users might try to inject HTML (or even a script) into a text box which may affect how the form is rendered. For further details see www.asp.net/learn/whitepapers/request-validation/.
In your web.config file
2. <httpRuntime requestValidationMode="2.0"/>
<configuration>
<system.web>
<pages validateRequest="false" />
</system.web>
</configuration> 3. [Post, ValidateInput(false)]
public ActionResult Edit(string message) {
...
} 4.[AcceptVerbs(HttpVerbs.Get)]
[ValidateInput(false)]
public ActionResult List(string message)
{
}If you are using MVC3.0 you can use [AllowHtml]
public class XMLModel { [AllowHtml] public string msg { get; set; } }
Thanks
No comments:
Post a Comment
Share your thoughts....