Asp.Net MVC输入验证被禁用后,仍然射击 [英] Asp.Net MVC Input Validation still firing after being disabled
问题描述
我已经停用 validateRequest
在我的web.config,但应用程序仍触发错误:
从客户端检测到有潜在危险的Request.Form值
块引用>我有在我的web.config以下
<的httpRuntime requestValidationMode =2.0/>
&所述;网页validateRequest =假>我也试过在我的控制器以下无济于事
< ValidateInput(假)> _
< AcceptVerbs(HttpVerbs.Post)GT; _
功能编辑(BYVAL用户作为Domain.User,BYVAL ID作为整数)作为的ActionResult
解决方案答发现
<一href=\"http://stackoverflow.com/questions/807662/why-is-validateinputfalse-not-working\">http://stackoverflow.com/questions/807662/why-is-validateinputfalse-not-working您必须设置ValidInput的在控制器和在web.config中。
&LT;的httpRuntime requestValidationMode =2.0/&GT;
I've disabled
validateRequest
in my web.Config, but the app is still firing the error:A potentially dangerous Request.Form value was detected from the client
I've got the following in my web.Config
<httpRuntime requestValidationMode="2.0" /> <pages validateRequest="false">
I've also tried the following in my controller to no avail
<ValidateInput(False)> _ <AcceptVerbs(HttpVerbs.Post)> _ Function Edit(ByVal user As Domain.User, ByVal id As Integer) As ActionResult
解决方案Answer found http://stackoverflow.com/questions/807662/why-is-validateinputfalse-not-working
You have to set the ValidInput in the Controller AND in the web.Config.
<httpRuntime requestValidationMode="2.0"/>
这篇关于Asp.Net MVC输入验证被禁用后,仍然射击的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!