To get away from errors that start out like like this:
A potentially dangerous Request.Form value was detected from the client...
Put this inside of system.web in Web.config:
<httpRuntime requestValidationMode="2.0" />
And put this...
ValidateRequest="false"
...inside of that topmost line of the .aspx markup that looks like:
<%@ Page Language="C#" CodeBehind="Foo.aspx.cs"...
By the way this suggested that you should use window.escape and window.unescape in JavaScript to just doctor up TextBox's contents in advance of a post-to-self in lieu of opening a security hole pagewide. I have not tried it. I found it interesting.
No comments:
Post a Comment