A potentially dangerous request. form value is detected from the client (hd_content = "test Ang, HA 333.

You can avoid adding validaterequest = "false" to. aspx.

For Web ApplicationsProgramTo prevent hacker attacks that rely on malicious input strings, it is essential to restrict and verify user input. Cross-site Scripting is an example of such attacks. Other types of malicious data or unwanted data can be input in various forms in the request. By limiting the data types that are allowed in applications at a lower level, you can block unwanted events, even when you useCodeThis is also true when programmers do not properly use the appropriate verification technology.

when request verification detects potential malicious client input, this exception is thrown to abort request processing. Request suspension can indicate attempts that endanger your application security, such as cross-site scripting attacks. It is strongly recommended that your application explicitly check all input related to request abort. However, you can also run the @ page command validaterequest set the property to false to disable request verification, example:

<% @ page validaterequest =" false "%>

To disable application request verification, you must modify the Web. config file of the application or create a web. config file. Pages Section Validaterequest Set property False, As shown in the following example:

 
<Configuration>
<System. Web>
<Pages validaterequest = "false"/>
</System. Web>
</Configuration>
 

To disable request verification for all applications on the server, you can modify the machine. config file.

Another step is to add processing to the onerror event on the page:

Protected   Void Page_error ( Object Sender, eventargs E)
{
Exception ex = Server. getlasterror ();
If (EX Is Httprequestvalidationexception)
{< br> response. redirect ( " default. aspx " );
server. clearerror ();
}
}