Asp. NET detects unsafe Request.Form value solution Rollup

This article mainly introduces the asp.net detection of unsafe request.form value solution Rollup, very comprehensive, the need for friends can refer to the

When we use a rich text editor such as CKEditor in a Web site, most of us encounter such a warning

This is because ASP.net defaults on the validation of page submissions (not only the ASP.net mvc,webforms also enables validation of the content submitted on the page by default), the key to solving this problem is to turn off validation on pages with rich-text editors or with pages that submit HTML code. Can be roughly divided into the following three kinds of situations:

Web site based on Framework2.0 WebForm

This scenario is best solved by setting validaterequest= "false" directly in the page directive at the top of the required pages

Web site based on Framework4 WebForm

This situation is slightly more troublesome than the framework2.0, not only need to declare validaterequest= "false" at the top of the page, but also need to further modify in Web.config file, add or modify in Web.config

　　

Asp. MVC Web site

The first step, modify the Web.config file, if it is for the file in a directory, you can create a new Web.config file (Web.config file has "nearest principle", duplicate the definition of attributes, to the page closest to the Web.config file definition) , and add under the node

(If most files need to be set to cancel verification, you can directly modify the Web.config file in the root directory of the Web site)

In the second step, you need to add the [ValidateInput (false)] property on the action method for the page you want to set to indicate cancellation.

In the third step, the last page displayed should use the Html.raw () method to output the content with HTML, because HTML is escaped by default

The above mentioned is the entire content of this article, I hope you can enjoy.