none
HTTPRequestValidation Exception in Production application logs RRS feed

  • Question

  • An error occured in production application logs where error log says:

    System.Web.HTTPRequestValidationException: A potentially dangerous Request.Form value was detected  from the client.

    Application is built in .Net framework 2.0 and hosted in IIS 7  on Windows Server 2008 R2 Standard OS.  Trying to understand the root cause behind this error occured, is it because of .Netframework/IIS/any firewall/network/ issue?. There were no application/server level changes happened. 


    Thursday, July 4, 2019 6:05 AM

All replies

  • Hi Abhishek,

    Thank you for posting here.

    Based on your description, you want to solve the exception. I have some questions to confirm with you.

    First, what is your current project?

    Second, could you provide some code to reproduce your problem?

    It will be better for us to solve the problem if provide the above information.

    Note: please do not reveal your personal information(such as email address), MSDN does not collect it.

    Best Regards,

    Jack


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.


    Thursday, July 4, 2019 9:00 AM
  • This question is related to ASP.NET page handling. Please post questions related to ASP.NET in the ASP.NET forums.

    PS. The problem is that you are sending HTML as part of form data back to the server and this is a key way to hack a website so it is not allowed by default. You have to "opt in" to sending HTML from the client back to the server as part of a request. The ASP.NET forum folks can help you resolve this error.


    Michael Taylor http://www.michaeltaylorp3.net

    Friday, July 5, 2019 1:58 PM