What is the best way to get around a "potentially dangerous request" error in asp.net?

Question

What is the best way to get around a "potentially dangerous request" error in asp.net?

The project I'm working on now has, at the box office, the ability to attach an embedded YouTube video to an ad.

It causes a headache:

My initial plan was to take the built-in html that the user provides from YouTube, and split the videoID, and store only that, rejecting everything that does not match a specific template so that there are no dodgy cases.

Unfortunately, ASP.net validation catches html before it is sent back to me for processing, is there a way, other than disabling validation, to get around this?

I can handle unsafe html myself, and there are too many other controls on the page to justify canceling the check.

+3

html c # asp.net

Ed james Jun 17 '09 at 11:33

source share

2 answers

YouTube, URL- YouTube, ? .

+1

Ian Oxley 17 . '09 12:05

Robin day · Accepted Answer · 2009-06-17T11:41:35+0000

Disabling the ValidateRequest flag is the only way to allow .net to accept data.

One alternative may be to use javascript to encode input and publish a page of encrypted data instead of raw html.

Another alternative is to have a blank page with your control and a “send” button inside the iframe on the main page. Thus, you only need to disable validation for this page and therefore control. However, styling can be a problem.

What is the best way to get around a "potentially dangerous request" error in asp.net?

More articles: