Potentially dangerous request exception. Form in the general handler

Question

Potentially dangerous request exception. Form in the general handler

I have seen this error before, but I can not get around it. In this case, I have an ASHX page spitting out a simple HTML form with a text box into which XML can be sent. When I try to read the form, I get a "potentially dangerous Request.Form value ...".

Since this is a common handler, the "ValidateRequest" attribute is not available. However, I already had this defined in web.config:

<location path="xml/MyGenericHandler.ashx">
    <system.web>
      <pages validateRequest="false" />
    </system.web>
</location>

This snippet precedes the switch from .NET 3.5 to 4.0, so I guess where the error occurred.

Any idea how to get around this error for ASHX pages?

+3

validation asp.net ashx generic-handler

roufamatic Mar 03 '11 at 10:03

source share

3 answers

, , . , . , . , , , , .

Request.Form

Microsoft Anti-Xss Library, Server.HtmlEncode.

, ashx, "if", , , .

+1

David 03 . '11 22:10

:

  <location path="MyGenericHandler.ashx">
    <system.web>
      <!-- requestValidationMode is to avoid HTML-validation of data posted to the handler -->
      <httpRuntime requestValidationMode="2.0"/>
    </system.web>
  </location>

, :

context.Request.Unvalidated.Form

0

user626528 14 '17 21:08

Wyatt Barnett · Accepted Answer · 2011-03-03T22:39:57+0000

3.5-4.0, , - ASP.NET 4.0. :

<httpRuntime requestValidationMode="2.0" />

, 2.0, , .

Potentially dangerous request exception. Form in the general handler

More articles: