I am getting this error in my ASP.NET MVC application where I am taking HTML input from a WYSIWYG so I don't want the content validated.
I have attempted the solution I found here but it seems to make no difference in my MVC application. I have also tried doing it in the web.config but again - no joy.
Is this a bug in ASP.NET MVC or something?
In MVC you would use the ValidateInput(false) attribute.
You then need to sanitize your inputs, e.g. with something like this (built in to ASP.NET 4.5+; use NuGet package for earlier).
In MVC 3 and later, you can also use the [AllowHtml]
attribute. This attribute allows you to be more granular by skipping validation for only one property on your model.
https://docs.microsoft.com/en-us/dotnet/api/system.web.mvc.allowhtmlattribute?view=aspnet-mvc-5.2
Just place this attribute: [ValidateInput(false)] on the action method on the controller that handles the form post.
use <httpRuntime requestValidationMode="2.0" />
in web config
Found the answer here:
In your controller action method, (the one which is bringing this) add [ValidateInput(false)]
Example
[HttpPost]
[ValidateInput(false)]
public ActionResult Insert(FormCollection formCollection, Models.Page page)
{
//your code
return View();
}
来源:https://stackoverflow.com/questions/1455528/a-potentially-dangerous-request-form-value-was-detected-from-the-client-asp-ne