Hello,

I am implementing Chapter 5 of the book and was about to test the AddEditArticle.aspx page. When I tried to insert a new article I got the following error:

System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client

The text of the article that I pasted into the FCKeditor contained some html tags, since it was copied from the web browser and retained the html formatting.
I can't quite figure out where or how the Helpers.ConvertToHtml method is being called to en/decode the html.

I wonder if anyone else has come across this problem and could help.

Thanks,

Emily

I think I found the answer - I needed to include ValidateRequest="false" in the page directive at the top. I'm still confused about how come the validation controls still work even though the VaidateRequest attribute is set to false.

emilypost,

ValidateRequest is releted to the HttpRequest and not to the individual controls on the page. that's why when it detects some html that it feels could compromise security and/or page integrity, it throws the exception.

it's a trade off really setting it to false to allow everything thro. in 99% of cases, it's fine, even more so with the beerhouse dal as it's using parameterised sp's. your main issue may well be stray divs 'bending' your page etc.


jimi

http://www.jamestollan.com

So is this the only solution? turning off request validation?

Thanks!