Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 484
  • Last Modified:

Problem with Editor

Hi,

Using these

    <script type="text/javascript" src="<%= ResolveUrl("~/content/javascript/ckeditor/ckeditor.js") %>"></script>
    <script type="text/javascript" src="<%= ResolveUrl("~/content/javascript/ckeditor/adapters/jquery.js") %>"></script>
    <textarea id="ta1" name="MyEA" runat="server" ></textarea>
    <script type="text/javascript">
        CKEDITOR.replace('<%=ta1.ClientID.Replace("_","$") %>', { toolbar: 'Mybar' });
    </script>
    ...
cmd.Parameters.Add("@ite_desc", SqlDbType.NVarChar).Value = ta1.InnerHtml;
...

Open in new window

I get this error

Server Error in '/App7' Application.

A potentially dangerous Request.Form value was detected from the client (ta1="<p>I want to rent th...").

Description: ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. The data might represent an attempt to compromise the security of your application, such as a cross-site scripting attack. If this type of input is appropriate in your application, you can include code in a web page to explicitly allow it. For more information, see http://go.microsoft.com/fwlink/?LinkID=212874. 

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (ta1="<p>I want to rent th...").

Source Error: 

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace: 


[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (ta1="<p>I want to rent th...").]
   System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) +12689689
   System.Web.HttpValueCollection.GetValues(Int32 index) +109
   System.Collections.Specialized.NameValueCollection.Add(NameValueCollection c) +116
   System.Web.HttpRequest.FillInParamsCollection() +67
   System.Web.HttpRequest.GetParams() +106
   AjaxControlToolkit.ToolkitScriptManager.OutputCombinedScriptFile(HttpContext context) +206
   AjaxControlToolkit.ToolkitScriptManager.OnInit(EventArgs e) +70
   System.Web.UI.Control.InitRecursive(Control namingContainer) +186
   System.Web.UI.Control.InitRecursive(Control namingContainer) +314
   System.Web.UI.Control.InitRecursive(Control namingContainer) +314
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +12659043
   System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +12658553
   System.Web.UI.Page.ProcessRequest() +119
   System.Web.UI.Page.ProcessRequest(HttpContext context) +99
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +913
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +165

Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.18446

Open in new window

when saving the record. why?
0
HuaMinChen
Asked:
HuaMinChen
  • 3
1 Solution
 
David Johnson, CD, MVPOwnerCommented:
@ite_desc I think this might be the problem, but if you want to disable security validation on the page or globally (dangerous) follow the steps @ http://msdn.microsoft.com/en-us/library/hh882339.aspx
0
 
c lCommented:
try putting the following in your web.config file

<httpRuntime requestValidationMode="2.0" />

just make sure you check your data before saving anything to your database!
0
 
c lCommented:
doh! beat me to it Dave :)
0
 
c lCommented:
this probably should have been split between Dave and myself, no?
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now