A potentially dangerous Request.Form value was detected from the client (wresult=“<trust:RequestSecuri…”)

Question

I am also getting a request validation error when using WIF. I get correctly sent to the STS, but on the way back, I get this validation error.

I followed all the i

Answer 1

In MVC 3 (not sure about 2) you can add a global filter in global.asax.cs e.g.

public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
    filters.Add(new ValidateInputAttribute(false));
}

That coupled with the following should allow all data in and display it correctly and safely I think:

in web.config and using (note colon):

<%: Model.Something %>

or in Razor:

@Model.Something

and in some cases in Javascript:

@Html.Raw(Ajax.JavaScriptStringEncode(Model.Something))