Home > Others

Validaterequest in the web. config file of SharePoint

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

This is an attribute of pages in Web. config.

Location in

<Configuration>

<System. Web>

<Pages validaterequest = "false">

</Pages>

</System. Web>

<Configuration>

 

Starting from. NET Framework 1.1, the default value of this element is true. In machine. config, the default value is true.

This element can be used to prevent script injection attacks (script-injection attacks), that is, the client script or HTML can be sent to the server in an unknown situation. if this value is set to false, your applicationProgramThere are risks, details refer to http://support.microsoft.com/kb/821343.

 

Some applications set the validate request attribute to false, so the application itself should handle and prevent script injection attacks. For details, see the following two articles.Article.

Http://msdn.microsoft.com/en-us/library/950xf363 (vs.71). aspx

Http://technet.microsoft.com/en-us/library/cc262849.aspx#section12

 

As you can see in Web. config of a new SharePoint web application, the value is false.

Because the validate request option organizes XML tags (<A-Z, <!, </, & #, <? And SharePoint requests require these tags to describe caml queries, or implement Rich Text Editor and other functions.

Therefore, the value of the SharePoint validate request option is false. Do not modify it.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More