validate-request

I'm wanting to allow users to enter HTML in only a single TextBox. I understand it's possible to change ValidateRequest in the page directive to false in order to remove protection. I'm guessing that this allows HTML to be entered in any TextBox on the page. Is there anyway to apply ValidateRequest="false" on only a single control? Thanks for any help. No, the request validation is for the entire request or nothing. The validation was added as a default to protect developers who are clueless about input validation. If you know that all input has to be treated as unsafe and know how to properly

How can I allow a user to input HTML into a particular field using ASP.net MVC. I have a long form with many fields that get mapped to this complex object in the controller. I would like to make one field (the description) allow HTML which I will preform my own sanitation on at a later point. Kelsey Add the following attribute the action (post) in the controller that you want to allow HTML for: [ValidateInput(false)] Edit: As per Charlino comments: In your web.config set the validation mode used. See MSDN : <httpRuntime requestValidationMode="2.0" /> Edit Sept 2014: As per sprinter252 comments

I have a form at which I use ckeditor. This form worked fine at Asp.Net 2.0 and 3.5 but now it doesn't work in Asp.Net 4+. I have ValidateRequest="false" directive. Any suggestions? Found solution at the error page. Just needed to add requestValidationMode="2.0" <system.web> <compilation debug="true" targetFramework="4.0" /> <httpRuntime requestValidationMode="2.0" /> </system.web> MSDN information: HttpRuntimeSection.RequestValidationMode Property Ben Hoffman There is a way to turn the validation back to 2.0 for one page. Just add the below code to your web.config: <configuration> <location