Vista, visual web developer express 2010, c#, asp.net, webforms. Running program with ctrl-F5. I'm the only person who will ever run this program ... and it will only ever run on my laptop using a local database.
Writing app to download web pages, view them, (do some analysis), log some results. I found code to download pages - works well. I then set the text property of a textbox equal to the string contents of the page. That part also works. Then I went to run the code again, BUT the contents of the textbox gets validated and results in an error message.
A potentially dangerous Request.Form value was detected from the client (ctl00$MainContent$tbPageContents="
<!DOCTYPE HTML PUBLI...").
I can run the code over and over without problem - so long as I don't display the results in a textbox. I tried a couple different solutions:
I tried enabled="false" attribute in the textbox ... this allows me to view the first part of the code, but since the textbox is not enabled, I can't scroll up and down and look at the file. So this doesn't really solve the problem.
I tried setting validateRequest="false" in the page directive and in system.web (as per http://www.asp.net/learn/whitepapers/request-validation), but so far as I can tell it has no effect. That is, I still get the error.
I tried using html encoding the string contents before I put them into the textbox. That works on the display ... but it doesn't fix the problem that it fails on the next iteration of the problem.
I thought about catching the error and ignoring it, but the validation seems to happen before it executes my code-behind.
I don't actually HAVE to print the page to a window to do the analysis, but it would be very helpful if I could look at this stuff all at once or in snippets. I could just do a page source from a browser. I'm not sure ... maybe that's the preferred solution.
I'm really surprised that option #2 did not work, as that seems to be the recommended solution.
Here's the page directive I use:
<%@ Page Title="Home Page" Language="C#" MasterPageFile="~/Site.master" AutoEventWireup="true"
CodeBehind="Default.aspx.cs" Inherits="wan._Default" validateRequest="false" %>
Is there something else one needs to do to stop the validateRequest?
You should also use
<httpRuntime requestValidationMode="2.0" />in your web.config file. This instructs ASP.NET to change its validation mode to version 2.0.You may also like to see this question.