locked
How to prevent "A potentially dangerous Request.QueryString value was detected from the client" RRS feed

  • Question

  • User351571847 posted

    Dear All

    Some improper values such as '<script>alert(1)</script>' are inputted in 'order number' field in an Ajax call.

    How to prevent this from happening?

    Thanks.

    Monday, May 18, 2015 9:35 PM

Answers

  • User1711366110 posted

    Hi mintssoul,
       As per this case, check the following details :
    1.you have to disable request validation on a page then must set the validateRequest attribute of the Page directive to false like below:

    <%@ Page validateRequest="false" %>

    2.Or you have to disable request validation for your application, then must modify or create a Web.config file for your application and set the validateRequest attribute of the <pages /> section to false like below:

    <configuration>
       <system.web>
          <pages validateRequest="false" />
       </system.web>
    </configuration>
    

    for more information , Click here to know more about How to Preventing Script Attacks from Request Validation.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, May 19, 2015 11:32 PM