提交表单中包含特殊字符如<script>可能被认为是跨站攻击代码;解决方法很多,如*上的web.config中加设置的方法不中肯[如原贴中Jamie M所说],主要是在.net4.5 asp.net mvc5下用(<pages validaterequest="false"/>和<httpRuntime requestValidationMode="2.0" />)会报错[至少在我本机上有这个问题],于是就如Jamie M建议的做法:在Controller或Action头上加属性[ValidateInput(false)],并且在web.config中添加<httpRuntime requestValidationMode="2.0" /> 得解。注:httpRuntime不能在system.web出现两次,所以合并到一个节点上;
相关文章
- 自己留存:小经验在asp.net 4.5或者asp.net mvc 5解决A potentially dangerous Request.Form value was detected from the client
- ASP.NET 4.0 potentially dangerous Request.Form value was detected
- [BILL WEI] A potentially dangerous Request.Path value was detected from the client 异常处理办法
- A potentially dangerous Request.Form value was detected from the client问题处理