The ASP.NET handler checks for security threats on page submissions. This is
part of the security checks, otherwise malicious scripts could be injected to
But, in some alternative cases we need to bypass this - say we need to save a
webpage into the database. But the page validation throws the error.
You can try the following:
1. Create a web application and place a textbox and button on
2. Run the application and try entering the following data into the
3. Click the button to submit the page
4. You will be receiving the following error:
Server Error in '/' Application.
A potentially dangerous
Request.Form value was detected from the client
(TextBox1="test").Description: Request Validation has
detected a potentially dangerous client input value, and processing of the
request has been aborted. This value may indicate an attempt to compromise the
security of your application, such as a cross-site scripting attack. You can
disable request validation by setting validateRequest=false in the Page
directive or in the configuration section. However, it is strongly recommended
that your application explicitly check all inputs in this case.
Details: System.Web.HttpRequestValidationException: A potentially dangerous
Request.Form value was detected from the client (TextBox1="Test
Set the ValidateRequest property to false
in the page level (It is a very easy solution)
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs"
Inherits="WebApplication2._Default" ValidateRequest="false" %>
Now try rerunning the application and click the button. The error is