EventValidation turned off


It is recommended in msdn not to turn off the event validation property for an asp.net web page. Can an expert tell me the real dangers involved in turning off this page property?
Who is Participating?
Jerry MillerConnect With a Mentor Commented:
The StackOverflow question above gives a great explanation of why it is a bad idea. If malicious users can bypass validation they can send anything to your database. Once they can add values and possibly inject code that can damage your application, database, or steal your data your site essentially belongs to the malicious user.
Dale BurrellDirectorCommented:
aghdennisAuthor Commented:
Thanks all. I was handling the doPostBack function manually via javascript but could not allocate a value to the eventArgument of the input type hidden field due to an error regarding RaisingEventValidation. However when I turned eventvalidation off, it worked. I was therefore trying to weigh the loss in security when the property is turned off.

Thanks guys for your contribution.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.