I use master pages in an ASP.NET MVC application that allows you to submit HTML data as part of a form. Even when I installed
<%@ Page ValidateRequest="false" %>
Or install
<pages validateRequest="false">
...
</pages>
in my web.config file, I still get the same error:
A potentially dangerous Request.Form value was detected from the client ...
Description: Request validation detected a potentially dangerous input to the client, and request processing was interrupted. This value may indicate an attempt to compromise the security of your application, such as cross-site scripting attack. You can disable request validation by setting validateRequest = false in the "Page" directive or in the configuration section. However, it is highly recommended that your application explicitly check all inputs in this case.
ASP.NET MVC.
? . .