nLL

Mobile web, .Net, Android, gadgets and some random stuff

Unable to disable Asp.Net 4 Request Validation Errors?

Since I started to develop with .Net 4 something was bugging me. I was unable to disable  Request Validation like on 2. There is option on .Net 4 that you can set it .Net 2 model with

   requestValidationMode="2.0" 

So that you can enable/disable validation on page level. But, if you are using .Net 4 WebForms Routing sometimes you end up with errors like

   A potentially dangerous Request.Path value was detected from the client

Although it is good thing to filter out dangerous requests in my case i need to have them present in the url.

There is a simple solution for it. You just need to set HttpRuntimeSection.RequestPathInvalidCharacters Property as you like. Default illegal chars are  "<,>,*,%,&,:,\,?".

You can change them in your web.config. Here is my perefered settings

<httpRuntime requestValidationMode="2.0" requestPathInvalidCharacters="*,:" /> 

For more info read

HttpRuntimeSection.RequestValidationMode Property
HttpRuntimeSection.RequestPathInvalidCharacters Property
http://blog.tjitjing.com/index.php/2010/10/how-to-remove-characters-to-avoid-net-request-validation-error-a-potentially-dangerous-request-path-value-was-detected-from-the-client.html

Comments (1) -

  • Mazdak

    7/24/2013 6:00:42 PM | Reply

    Thanks, It's work for me.

Add comment