A potentially dangerous Request.Form value was detected from the client in .Net 4... | ansaurus

tags:

views:

189

answers:

1

Q:

A potentially dangerous Request.Form value was detected from the client in .Net 4...

So, this whitepaper describes one of the breaking changes in .Net 4 to be the error message "A potentially dangerous Request.Form value was detected from the client in", and the fix to enter into the Web.config file

I have 2 problems with this. Does this mean that any website where I want a wysiswyg editor like tinymce, or ckeditor, the requestValidationMode has to be 2.0? What benefits do you lose out on in this case? (if I lose no benefits to setting requestValidationMode to 2.0, why not set it by default so it doesn't break anything?)

In 2.0/3.5 I was able to set ValidateRequest on a page by page basis - this is of course still possible in .Net 4.0 , but in order to set it on a page level, I have to make a site wide change? Does this not seem entirely backward?

Have I got this right/is this as rubbish as it sounds, or have I missed something?

A:

seems to be already discussed in http://stackoverflow.com/questions/81991/a-potentially-dangerous-request-form-value-was-detected-from-the-client

santa 2010-07-12 10:32:29

Hm, sort of. It doesn't really address it being a .Net 4 problem, it really only looks at the general, how to cope with it issue. I want to know if there's something specific we should be doing in .Net 4, and if you lose anything by setting requestValidationMode to 2.0

Paul 2010-07-12 10:39:48

related questions

How do I write private set auto-properties in VB 10?

Does Visual Studio 2010 Beta support .NET 2.0 projects? What about SQL 2005 DBs?

Impact of changes to the CAS policies in .NET 4.0?

If I didn't get along with Entity Framework until now, Is there a chance I will like the new EF in .Net 4.0

Have Microsoft rewritten Windows Workflow Foundation in .NET 4.0?

Good XMPP/Jabber client library for .NET 3.5 (or 4.0)

Workflow 4.0 Argument Errors

Will Visual Studio 2010 combine the express editions into a single product?

What will be the new features available in ASP.Net 4.0?

Can I develop asp.net 3.5/2.0 projects using Visual Studio 2010?

Getting NCover to work on .Net 4.0 Beta 1

whats new in C# 4 for a static-typed guy

.net framework 4.0 documentation

What features are people looking forward to in .Net 4.0 - 4.1

How mature is the Microsoft Code Contracts framework?

Is there anyway to access the DotNet 4.0 Class library without downloading the entire CTP VPC

How do I indicate that a method never returns a null using code contracts?

.NET 4.0 - The "dynamic" keyword

.NET 4.0 and Visual Studio release date

Has anyone heard of how .NET 4.0 may change/affect Asp.net MVC?

Parallel LINQ in WebApps?

Useful new .net(3.0,4.0) technology features.

Confirmed features of .NET 4.0?

What information has been released regarding the .NET Framework 4.0?

Will .Net 4.0 include a new CLR or keep with version 2.0