A possibly dangerous value Request.Form was detected on the client

6

I have a problem when I send this type of input in the input field: &&&&%$&#_(@)(#_!**@#)24 R87R XDHNSIFN 89Q7201784 The Resquest.Form error occurs.

Error Message:

Controller

usingSystem;usingSystem.Collections.Generic;usingSystem.Linq;usingSystem.Web;usingSystem.Web.Mvc;usingTesteInputValidation.Models;namespaceTesteInputValidation.Controllers{publicclassHomeController:Controller{publicActionResultIndex(){returnView();}[HttpPost]publicActionResultIndex(Cartaot){varteste=t;returnView();}}}

Model

usingSystem;usingSystem.Collections.Generic;usingSystem.Linq;usingSystem.Web;namespaceTesteInputValidation.Models{publicclassCartao{publicstringCartaoBeneficiario{get;set;}}}

View

@modelTesteInputValidation.Models.Cartao@{ViewBag.Title="Home Page";
}

<div class="jumbotron">
    <h1>ASP.NET</h1>
    <p class="lead">ASP.NET is a free web framework for building great Web sites and Web applications using HTML, CSS and JavaScript.</p>
    <p><a href="http://asp.net" class="btn btn-primary btn-lg">Learn more &raquo;</a></p>
</div>

<div class="row">
    @using (Html.BeginForm(null, null, FormMethod.Post, new {@id = "frmFiltro", @class = "smart-form"}))
    {
        @Html.TextBoxFor(model => model.CartaoBeneficiario, new { @class = "form-control", @id = "txtNumeroCartao" })

    <footer>
        <button id="enviar" type="submit" class="btn btn-primary wait-process">Enviar</button>
    </footer>
    }


</div>

If I take validation will I take all validations of Data Annotation?

Is there a way to handle this error correctly?

    
asked by anonymous 19.06.2015 / 15:13

1 answer

10

Decorate your method with the ValidateInput attribute

[HttpPost]
[ValidateInput(false)]
public ActionResult index()
{
   return view();
}

You may need this in your Web.Config

<httpRuntime requestValidationMode="2.0"/>
    
19.06.2015 / 15:27