|
-
June 8th, 2009, 06:51 AM
#1
"A potentially dangerous Request.Form value was detected from the client"
I have embedded some secret in my webpage:
<input name="ctl00$txtEncryptedAuthToken" type="hidden" id="ctl00_txtEncryptedAuthToken" value="2'*—d-&#171;Y‚&#251;&#176;&#237;F7&#224;_]tL&#175;%v&#241;5&gt;&gt;8&#209;&#215;&#160;œf&#253;&#248;&#178;&#176;&#200;&#164;z&#187;&#208;&#220;J&#220;‚&#209;Ÿ&#245;p'/g&#237;`„@&#214;d?&#225;&#208;&#186;&#226;&#247;&#179;+)&#225;&#252;*e/(&#228;;&#215;S›&#211;&#239;&#184;&#252;_r&#239;&#201;&#191;�&#207;J&#162;}2R9&#229;žv(›&#230;&#232;—&gt;q)&#163;&#232;ŠEY&#218;&#193;&#226;&#224;&#187;&#162;&quot;&#173;&#179;Ÿ&#168;&#166;—&#227;�&#215;€w&#168;9,&#161;&#219;&quot;&#168;�LhŸqž&#217;&#225;&#250;&#201;&#236;&#163;ˆ&#221;&#190;&#208;Q&#231;˜&#173Wink&#246;&#179;wG&#209;&#176;P&#219;&#223;hpNu•&#222;&#188;’&#210;V&#210;&#241;&#195;
T&#255;X=r&#239;&#219;‰h&#235;tŒ&#191;" />
And on postback I get: "A potentially dangerous Request.Form value was detected from the client"
okay I understand this, http://www.cryer.co.uk/brian/mswinsw..._dangerous.htm[^]
But I don't think it is open/close tag (because there isn't one and I already HtmlEncode the string before I stick it on the page). And I certainly don't want to turn off page validation by setting ValidateRequest="false". What other alternative do I have?
Note difference between big/small open bracket character however:
› small bracket
> big/open bracket
Thanks
Last edited by THY02K; June 8th, 2009 at 07:03 AM.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
