When an HTML Tag value is entered in the textbox of the Asp.net page and the page commits an action,. vs automatically checks this unsafe error.
For example:
Potentially dangerous request. Form values are detected from the client (ctl00 $ maincontentplaceholder $ txtowner = "<D> ")
There are two solutions:
1. capture this error and send a friendly message
// When the user inputs an insecure HTML Tag, for example, <TD>, the system automatically reports a security error. This method is to capture this error!
Protected void page_error (Object sender, eventargs E)
{
Exception EX = server. getlasterror ();
If (httpcontext. Current. server. getlasterror () is httprequestvalidationexception)
{
Httpcontext. Current. response. Write ("an insecure HTML Tag exists in the volume. Please refer to the valid string! <A href = \ "javascript: history. Back (0); \"> return </a> ");
Httpcontext. Current. server. clearerror ();
}
}
2. disable this function.
Add validaterequest = "false" to the page on the front-end page"
<% @ Page Language = "C #" autoeventwireup = "true" codefile = "bp_modelspec_copy.aspx.cs" inherits = "productspec_bp_modelspec_copy" validaterequest = "false" %>
