Question

这是例外

System.Web.HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (ctl00$ContentPlaceHolder1$txtCodeFormate="<a href="%%strpath%%...").
   at System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection)
   at System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection)
   at System.Web.HttpRequest.get_Form()
   at System.Web.HttpRequest.get_HasForm()
   at System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull)
   at System.Web.UI.Page.DeterminePostBackMode()
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.ProcessRequest()
   at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
   at System.Web.UI.Page.ProcessRequest(HttpContext context)
   at ASP.ccadmin_cms_setup_aspx.ProcessRequest(HttpContext context)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

直到现在我已经尝试了以下选项，

 <httpRuntime targetFramework="4.5" requestValidationMode="2.0" />
 <pages validateRequest="false" enableEventValidation="false"></pages>

仅供参考，它在本地工作正常，但当我在服务器上部署它不能正常工作时，我需要在IIS工作吗？

Answer 1

我相信您提出的所有选项的问题已经回答here。

修改Web.config后，您是否尝试过以下操作？

选项1：在模型上，将此属性添加到您需要允许HTML的每个属性 - 最佳选择

[AllowHtml]

选项2：在控制器操作上添加此属性以允许所有HTML

[ValidateInput(false)]

从客户端检测到潜在危险的Request.Form值

1 个答案: