Server Error in '/' Application.
A potentially dangerous Request.Form value was detected from the client (FCKeditor1="...地产开发集团有限公司<br />
<br />
<img...").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0". Example: <httpRuntime requestValidationMode="2.0" />. After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the <pages> configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (FCKeditor1="...地产开发集团有限公司<br />
<br />
<img...").
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
出现此错误后,根据多方资料查证,页面在编辑的内容中包含有HTML标记或脚本标记时,ASP.NET页面为了防范页面注入功能会启用保护机制,页面会抛出一个"A potentially dangerous Request.Form value was deceted from the client"的异常。从framework 2.0版本时只需要在页面<%@Page %>部分加入ValidateRequest="false"属性就可以解决,但是在framework 4.0以后还需要在web.config里加入<httpRuntime requestValidationMode="2.0"/>这个配置。
出现错误前的web.config配置图
修改web.config配置成功解决图
如果在web.config里没有httpRuntime属性的话就直接加 <httpRuntime requestValidationMode="2.0" />就可以了。
