The potentially dangerous Request.Form value was detected on the MVC4 client

Question

The potentially dangerous Request.Form value was detected on the MVC4 client

I get this error when inserting a record with the character "<".

how to solve this error by inserting a line with "<" in this. im using an entity structure. this column is of the nvarchar data type.

early.

+1

c # asp.net-mvc asp.net-mvc-4

Daniel Crisostomo Feb 10 '14 at 9:07

source share

2 answers

In addition to what @scheien has already suggested, you can check to see if you are setting the input (with a potentially dangerous script ie <character) to some model value that does not accept it. Try to do this:

 [AllowHtml] public string text{ get; set;}

+8

Shashank chaturvedi Feb 10 '14 at 10:05

source share

scheien · Accepted Answer · 2014-02-10T09:22:57+0000

You can try setting the requestValidationMode="2.0" attribute in the <httpRuntime /> element in web.config

 <system.web> ... <httpRuntime targetFramework="4.5" requestValidationMode="2.0" /> ... </system.web>

And decorate your controller / action (choose the appropriate one):

 [HttpPost] [ValidateInput(false)] public ActionResult MyMethod(string s) { .... }

Note. Always sanitize your entrance.

The potentially dangerous Request.Form value was detected on the MVC4 client

More articles: