Monday, July 8, 2013

MVC

ASP.NET MVC – pages validateRequest=false doesn’t work?


In ASP.NET MVC you get the following error after entering some script of HTML like content into a textbox:
A potentially dangerous Request.Form value was detected from the client
The runtime throws an error if you try and enter script or HTML like content in the form.
I wanted to turn this off so that I could go through an example video which required that the form would allow the submission of the content. I changed the web.config file… then i checked the other web.config file in the Views | Shared folder, and the pages element’s validateRequest attribute was already set to false. Neither of these settings work.
Turning off validation can be done by applying the ValidateInput attribute to the top of the Action Method with false as the boolean parameter as shown below:
[ValidateInput(false)]
public ActionResult AddEntry(string feedback) {
    :
}
That will prevent the runtime form validating your form input for the given action…Of course you have to apply this to every Action Method that you create.
Not too hard… It is up to you to know what you are doing after this of course!

No comments:

Post a Comment