Oct 06, 2011, 9:23 AM
[CLOSED] A potentially dangerous Request.Form value was detected from XML
I want to printout XML from store. Some of my columns contains HTML So I have
I need to output my data, but have no idea how to do right with direct events and ext.net. help please.
protected void MyStore_Submit(object sender, StoreSubmitDataEventArgs e)
{
XmlNode xml = e.Xml;
string strXml = xml.OuterXml;
this.Response.AddHeader("Content-Disposition", "attachment; filename=data.xml");
this.Response.AddHeader("Content-Length", strXml.Length.ToString());
this.Response.ContentType = "application/xml";
this.Response.Write(strXml);
}
and this report error
A potentially dangerous Request.Form value was detected from the client (submitDirectEventConfig="...ption\":\"<FONT face=\\\"tahom...").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (submitDirectEventConfig="...ption\":\"<FONT face=\\\"tahom...").
Source Error:
[No relevant source lines]
Source File: c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temp orary ASP.NET Files\axwebtasktracker\c73b468a\6cadce2c\App_Web_4 faq77jg.0.cs Line: 0
Stack Trace:
[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (submitDirectEventConfig="...ption\":\"<FONT face=\\\"tahom...").]
System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName) +8734578
System.Web.HttpRequest.ValidateNameValueCollection (NameValueCollection nvc, String collectionName) +111
System.Web.HttpRequest.get_Form() +129
System.Web.HttpRequest.get_HasForm() +8734679
System.Web.UI.Page.GetCollectionBasedOnMethod(Bool ean dontReturnNull) +97
System.Web.UI.Page.DeterminePostBackMode() +63
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6785
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +242
System.Web.UI.Page.ProcessRequest() +80
System.Web.UI.Page.ProcessRequestWithNoAssert(Http Context context) +21
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.sandpage_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temp orary ASP.NET Files\axwebtasktracker\c73b468a\6cadce2c\App_Web_4 faq77jg.0.cs:0
System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication.IExecutionStep.Execute() +181
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean& completedSynchronously) +75
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (submitDirectEventConfig="...ption\":\"<FONT face=\\\"tahom...").
Source Error:
[No relevant source lines]
Source File: c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temp orary ASP.NET Files\axwebtasktracker\c73b468a\6cadce2c\App_Web_4 faq77jg.0.cs Line: 0
Stack Trace:
[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (submitDirectEventConfig="...ption\":\"<FONT face=\\\"tahom...").]
System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName) +8734578
System.Web.HttpRequest.ValidateNameValueCollection (NameValueCollection nvc, String collectionName) +111
System.Web.HttpRequest.get_Form() +129
System.Web.HttpRequest.get_HasForm() +8734679
System.Web.UI.Page.GetCollectionBasedOnMethod(Bool ean dontReturnNull) +97
System.Web.UI.Page.DeterminePostBackMode() +63
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6785
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +242
System.Web.UI.Page.ProcessRequest() +80
System.Web.UI.Page.ProcessRequestWithNoAssert(Http Context context) +21
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.sandpage_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temp orary ASP.NET Files\axwebtasktracker\c73b468a\6cadce2c\App_Web_4 faq77jg.0.cs:0
System.Web.CallHandlerExecutionStep.System.Web.Htt pApplication.IExecutionStep.Execute() +181
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean& completedSynchronously) +75
Last edited by Daniil; Oct 10, 2011 at 12:11 PM.
Reason: [CLOSED]