System.Web.HttpRequestValidationException:有潜在危险 从客户端
检测到Request.Form值
当上述异常上升时,通常建议使用以下属性禁用验证请求
[ValidateInput(false)]
public ActionResult Save(string content)
{
System.IO.File.WriteAllText(fileName, content);
return View();
}
那么为什么要提出这个验证呢?如何正确处理此异常?
答案 0 :(得分:1)
当网址请求(您的示例:string content)包含危险关键字:“>,?,<,etc ...”时。
如果要处理此异常(例如:允许这些),您可以按照示例代码:
using System;
using System.Web.Mvc;
namespace Custom {
public class CustomValidateInput : FilterAttribute, IAuthorizationFilter {
/// <summary>
/// Called when authorization is required.
/// </summary>
/// <param name="filterContext">The filter context.</param>
/// <exception cref="System.ArgumentNullException">filterContext</exception>
public void OnAuthorization(AuthorizationContext filterContext) {
if (filterContext == null) {
throw new ArgumentNullException("filterContext");
}
//Set disable validation request
filterContext.Controller.ValidateRequest = false;
//----------Your code handle here------------//
}
}
}
和
[CustomValidateInput]
public ActionResult Save(string content)
{
System.IO.File.WriteAllText(fileName, content);
return View();
}