Solved

A potentially dangerous Request.Form value was detected from the client

Posted on 2009-04-03
2
1,732 Views
Last Modified: 2013-11-08
Dear Experts,

I know we will have this error if we input dangerous value like <script>.
and I know we can turn it off by using validaterequest in web.config or put it at each page.

but when we wrap it with <asp:updatepanel.. the error will become javascript error:
"Error: Sys.WebForms.PageRequestManagerServerErrorException: An unknown error occurred while processing the request on the server. The status code returned from the server was: 500"

How do we handle this? is it possible to make the error more friendly? maybe redirect it to other site? or if possible displaying an ajax message..

unwrap it from <asp:updatepanel also make an ugly error: "A potentially dangerous Request.Form value was detected from the client"

and I don't want to set the validaterequest to false either :).

Please kindly advise for better solution.

Thank you.




0
Comment
Question by:hotex
2 Comments
 
LVL 6

Accepted Solution

by:
hehdaddy earned 500 total points
ID: 24068663
To catch the 500 error from the update panel, you can use script like this. It has to be placed after the script manager control:

Sys.WebForms.PageRequestManager.getInstance().add_endRequest(EndRequestHandler);

function EndRequestHandler(sender, args)
{
   if (args.get_error() != undefined)
   {
       var errorMessage;
       if (args.get_response().get_statusCode() == '500')
       {
           // Handle your error here
       }
       else
       {
           // Use this space for any other unspecified errors
       }
       args.set_errorHandled(true);
   }
}

On the server side, you can use the Global.asax file:

        protected void Application_Error(object sender, EventArgs e)
        {
            Exception ex = Server.GetLastError();

            if (ex is HttpRequestValidationException)
            {
                Response.Redirect("error.aspx");
                return;
            }
        }

I hope this helps.
0
 

Author Closing Comment

by:hotex
ID: 31566245
on server side we need to call Server.ClearError(); before redirecting..
Great solution. Thank you hehdaddy.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Any Third party toll for Integrating chat system on ASP.NET ? 2 34
Syntax Error 2 46
Angular - break the dataset in chunks? 7 39
ASP.NET 5 Templates 2 66
Wouldn’t it be nice if you could test whether an element is contained in an array by using a Contains method just like the one available on List objects? Wouldn’t it be good if you could write code like this? (CODE) In .NET 3.5, this is possible…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now