出现错误如下:
A potentially dangerous Request.Form value was detected from the client (ctl00$MainContent$txtCode="<code></code>").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set requestValidationMode="2.0" in theconfiguration section. After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in theconfiguration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (ctl00$MainContent$txtCode="<code></code>").
Version Information: Microsoft .NET Framework Version:4.0.21006; ASP.NET Version:4.0.21006.1
如图所示:
原因:NET的版本问题,主要是2.0和4.0版本的验证模式问题,一般是基于.NET2.0开发的网站在发布在服务器的时候使用了.NE4.0的框架集,才会出现在这种错误。页面在编辑的内容中包含有HTML标记或脚本标记等危险字符串时,ASP.NET的页面为了防止页面注入而启用的保护机制,页面会出现一个"A potentially dangerous Request.Form value was deceted from the client"的错误。在framework 2.0版本时只需要在页面<%@Page %>部分位置加入ValidateRequest="false"属性值就可以解决问题,但是在framework 4.0以后的版本就还要在web.config的配置文件里加入<httpRuntime requestValidationMode="2.0"/>这个配置才可以解决。
解决:建议使用.NET2.0框架集,IIS6的服务器 在网站属性的【ASP.NET】那里可以设置NET的框架集版本,IIS7的服务器在应用程序池那里可以进行设置。如果是需要进行升级到.NET4.0的话就通过下面的方式设置webcofig 即可。
在全局级别(Web.config中)设置
<configuration>
<system.web>
<pages validateRequest="false">
或者:
在全局级别(Web.config中)设置
<configuration>
<system.web>
<httpRuntime requestValidationMode="2.0">