A Potentially Dangerous Request.Form Value Was Detected From The Client




A Potentially Dangerous Request.Form Value Was Detected From The Client, Request Validation In Asp.Net, Request Validation, Script Attack, Script Injection, Asp.Net, ValidateRequest, requestValidationMode, httpRuntime

Un-encoded HTML content can be dangerous to the Server. In order to prevent Un-encoded HTML content, there is a feature in Asp.Net which is known as Request Validation. Request Validation would prevent script injection attack. Thereby Asp.Net web Application will be secure from script attack. This Issue happens when Request Validation is enabled on the Server and somebody is trying to send Un-encoded HTML content to the server.




We have To Turn Off the Request Validation feature for resolving this Issue. By turning Off Request Validation feature, we are allowing the cross script attack. We strongly recommend, Not To Turn Off the Request Validation feature. We can disable the Request Validation in page level and application level.



On the aspx page, please set the validateRequest property to false. Add requestValidationMode to 2.0 inside httpRuntime on web.config as shown in the figure.

A Potentially Dangerous Request.Form Value Was Detected From The Client, Request Validation In Asp.Net, Request Validation, Script Attack, Script Injection, Asp.Net, ValidateRequest, requestValidationMode, httpRuntime

Thereby we can disable Request Validation for each page.




On web.config file, add the following code as shown in the figure.

A Potentially Dangerous Request.Form Value Was Detected From The Client, Request Validation In Asp.Net, Request Validation, Script Attack, Script Injection, Asp.Net, ValidateRequest, requestValidationMode, httpRuntime

Here inside pages node validateRequest should be false Inside httpRuntime node,

Set requestValidationMode to 2.0. Thereby we can disable Request Validation At Web Application Level.