我正在开发一个简单的.Net 4.0 webservice。我创建了一个接受字符串输入的方法。我在调试模式下运行项目,因此我的浏览器中会打开一个页面,我可以在其中输入输入并调用服务方法。不幸的是我收到以下错误:
System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (xmlData="<?xml version="1.0" ...").
at System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection)
at System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, RequestValidationSource requestCollection)
at System.Web.HttpRequest.get_Form()
at System.Web.Services.Protocols.HtmlFormParameterReader.Read(HttpRequest request)
at System.Web.Services.Protocols.HttpServerProtocol.ReadParameters()
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
我尝试添加
<pages validateRequest="false" />
到web.config。它不起作用。
我该怎么办?
答案 0 :(得分:7)
我找到了解决方案:
在.Net 4中,你必须在&lt; system.web&gt;:
<httpRuntime requestValidationType="MyService.CustomRequestValidator" />
CustomRequestValidator类是您必须自己添加的验证。然后简单地覆盖bool IsValidRequestString()方法并返回 true 以消除验证:
/// <summary>
/// Validates the input based on some custom rules
/// </summary>
public class CustomRequestValidator : RequestValidator
{
/// <summary>
/// Validates a string that contains HTTP request data.
/// </summary>
/// <param name="context">The context of the current request.</param>
/// <param name="value">The HTTP request data to validate.</param>
/// <param name="requestValidationSource">An enumeration that represents the source of request data that is being validated. The following are possible values for the enumeration:QueryStringForm CookiesFilesRawUrlPathPathInfoHeaders</param>
/// <param name="collectionKey">The key in the request collection of the item to validate. This parameter is optional. This parameter is used if the data to validate is obtained from a collection. If the data to validate is not from a collection, <paramref name="collectionKey"/> can be null.</param>
/// <param name="validationFailureIndex">When this method returns, indicates the zero-based starting point of the problematic or invalid text in the request collection. This parameter is passed uninitialized.</param>
/// <returns>
/// true if the string to be validated is valid; otherwise, false.
/// </returns>
protected override bool IsValidRequestString(HttpContext context, string value, RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex)
{
// Set a default value for the out parameter.
validationFailureIndex = -1;
return true;
// // All other HTTP input checks are left to the base ASP.NET implementation.
// return base.IsValidRequestString(
// context,
// value,
// requestValidationSource,
// collectionKey,
// out validationFailureIndex);
}
}
}