Server Error in 'ASP.Net' Application.
A potentially dangerous Request.Form value was detected from the client (TextBox1"=<p>Hello</p>").
Description: Request
Validation has detected a potentially dangerous client input value, and
processing of the request has been aborted. This value may indicate an
attempt to compromise the security of your application, such as a
cross-site scripting attack. You can disable request validation by
setting validateRequest=false in the Page directive or in the
configuration section. However, it is strongly recommended that your
application explicitly check all inputs in this case.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (TextBox1="<p>Hello</p>").
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (TextBox1="<p>Hello</p>").
Cause
To Prevent from SQL Injections, ASP.NET by default does not allow HTML tags "<",">"
It is
recommended to allow this check to happen on each postback.
Solution
Sometimes you need to submit HTML Content to your page through
Rich TextBoxes or Rich Text Editors. In that case you can avoid this
exception by setting the ValidateRequest tag in the @Page Directive to false.
<%@ Page Language="C#" AutoEventWireup="true" ValidateRequest = "false"
This will disable the validation of requests for the page you have set the ValidateRequest flag to false.
To disable request of all page you’ll need to set ValidateRequest false in your web.config <system.web> section
<pages validateRequest ="false" />
For .Net 4.0 or higher frameworks you will need to also add the following line in the <system.web> section to make the above work.
<httpRuntime requestValidationMode = "2.0" />
That’s it. Hope this helps you in getting rid of the above issue.
