Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Re: How to handle "A potentially dangerous Request.Form value wasdetected from the client"

Reply
Thread Tools

Re: How to handle "A potentially dangerous Request.Form value wasdetected from the client"

 
 
ZRat
Guest
Posts: n/a
 
      01-05-2009
On Jan 1, 11:53*am, Alan Silver <(E-Mail Removed)>
wrote:
> In article <(E-Mail Removed)>, "Alvin
> Bruney [ASP.NET MVP]" <(E-Mail Removed)> writes
>
> >Use javascript to encode the input from the control/textbox before
> >submitting to the server. Be aware that browsers who run with
> >javascript will circumvent this.

>
> Thanks, but that wasn't what I meant.
>
> I don't want to allow any HTML in the input. I just want to be able to
> catch the error and redisplay the page with a message, instead of the
> default ASP.NET error page (which isn't very user-friendly).
>
> Thanks anyway
>
> --
> Alan Silver
> (anything added below this line is nothing to do with me)


This is what we use. In the Application_Error event of Global.asax
we have the following:

Exception ex = Server.GetLastError();

if (ex is HttpRequestValidationException)
{
Response.Redirect("~/Errors/RequestError.aspx");
return;
}

We found that we were unable to trap the event on the page, but we
could handle it here.

Hope this helps
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
A potentially dangerous Request.QueryString value was detected from the client Hardy Wang ASP .Net 7 04-23-2011 02:02 PM
Re: How to handle "A potentially dangerous Request.Form value wasdetected from the client" Larry Bud ASP .Net 0 01-06-2009 04:38 PM
how to try-catch potentially dangerous Request.Form value exception angus ASP .Net 1 08-04-2004 09:48 AM
Trapping a ' potentially dangerous Request.QueryString value' John Morgan ASP .Net 1 05-27-2004 06:11 PM
A potentially dangerous Request.Form value was detected from the client amit ASP .Net 1 02-26-2004 09:47 PM



Advertisments