Member Avatar for krunalk

hi all,

while uploading javascript for the google analytic code on my live site i am getting below error.

Server Error in '/' Application.
A potentially dangerous Request.Form value was detected from the client ((ctl00$ContentPlaceHolder1$txtanalyaticcode=")


<script type=”text/j...").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0". Example: <httpRuntime requestValidationMode="2.0" />. After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the <pages> configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (ctl00$ContentPlaceHolder1$txtanalyaticcode="

it works fine in local as well as staging site but it gives error on live site. i googled for the same error and found solution to write ValidateRequest="false" and EnableEventValidation=false in my page. but it doen't working.


Please do some needfull help.

  • 3 Contributors
  • 4 Replies
  • 622 Views
  • 8 Months Discussion Span
  • Latest Post Latest Post by habeeb_matrix
Member Avatar for geniusvishal

This type of error occur when you try to post some Html code or other scripting code in the field which is not assigned to fetch such values... Plz check the nature of Input and proceed..

Regards,
Vishal

Member Avatar for krunalk

Hi Vishal,

Thanks for the reply. i have just found my solution.your are also right it was problem due to "<" and <script> tag.so i statically write <script> tag where i want it and then get dynamically js code between <script> tag.it works fine.

Thanks again,
KK

Member Avatar for geniusvishal

Plz mark the post as solved as it could be helpful to other viewers... Click the marked as solved link in the bottom part of the post....

Regards

Member Avatar for habeeb_matrix

This error is generated by ASP.NET to avoid cross site scripting issues.
The solution is to set
<pages validateRequest="false" />
If your .NET runtime is 4.0 or above:
add the following to web.config:
<httpRuntime requestValidationMode="2.0"/>

Edited by pritaeas because: Removed self-promotion link.
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.