Wrox Programmer Forums
|
BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0
This is the forum to discuss the Wrox book ASP.NET 2.0 Website Programming: Problem - Design - Solution by Marco Bellinaso; ISBN: 9780764584640
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old May 6th, 2007, 04:59 PM
Registered User
 
Join Date: May 2007
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default AddEditArticle.aspx - validation error

Hello,

I am implementing Chapter 5 of the book and was about to test the AddEditArticle.aspx page. When I tried to insert a new article I got the following error:

System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client

The text of the article that I pasted into the FCKeditor contained some html tags, since it was copied from the web browser and retained the html formatting.
I can't quite figure out where or how the Helpers.ConvertToHtml method is being called to en/decode the html.

I wonder if anyone else has come across this problem and could help.

Thanks,

Emily

 
Old May 6th, 2007, 09:40 PM
Registered User
 
Join Date: May 2007
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I think I found the answer - I needed to include ValidateRequest="false" in the page directive at the top. I'm still confused about how come the validation controls still work even though the VaidateRequest attribute is set to false.

 
Old May 9th, 2007, 04:19 AM
Friend of Wrox
 
Join Date: Mar 2007
Posts: 488
Thanks: 2
Thanked 11 Times in 10 Posts
Default

emilypost,

ValidateRequest is releted to the HttpRequest and not to the individual controls on the page. that's why when it detects some html that it feels could compromise security and/or page integrity, it throws the exception.

it's a trade off really setting it to false to allow everything thro. in 99% of cases, it's fine, even more so with the beerhouse dal as it's using parameterised sp's. your main issue may well be stray divs 'bending' your page etc.


jimi

http://www.jamestollan.com
 
Old May 31st, 2007, 02:55 PM
Authorized User
 
Join Date: Jan 2007
Posts: 63
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
quote:Originally posted by jimibt
 emilypost,

ValidateRequest is releted to the HttpRequest and not to the individual controls on the page. that's why when it detects some html that it feels could compromise security and/or page integrity, it throws the exception.

it's a trade off really setting it to false to allow everything thro. in 99% of cases, it's fine, even more so with the beerhouse dal as it's using parameterised sp's. your main issue may well be stray divs 'bending' your page etc.

jimi

http://www.jamestollan.com
So is this the only solution? turning off request validation?

Thanks!






Similar Threads
Thread Thread Starter Forum Replies Last Post
AddEditArticle.aspx retroviz BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 1 February 19th, 2008 12:33 PM
Error in AddEditArticle.aspx learningASP BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 3 May 31st, 2007 08:15 PM
ASP/ASPX W3C validation URL OldCoder HTML Code Clinic 4 April 8th, 2006 11:58 PM
New.aspx works but login.aspx fails Validation nigelhamilton BOOK: ASP.NET Website Programming Problem-Design-Solution 8 September 13th, 2004 02:29 AM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.