11.02.2020, 16:57 | #1 |
Участник
|
AX2012 R3 WMDP, Разрешить ввод "<" в поля web-формы (ошибка "A potentially dangerous Request.Form value was detected from the client")
Доброго дня!
AX2012 R3 Warehouse Mobile Device Portal, IIS 8 Коллеги, есть необходимость разрешить ввод в поля web-формы коды маркировки, иногда содержащие символ "<", т.е. напомишающие html-тэги. При отправке формы получаем ошибку: "A potentially dangerous Request.Form value was detected from the client" Как отключить эту валидацию? Правки web.config не помогают. Цитата:
A potentially dangerous Request.Form value was detected from the client (IC="<asdf").
Description: ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. The data might represent an attempt to compromise the security of your application, such as a cross-site scripting attack. If this type of input is appropriate in your application, you can include code in a web page to explicitly allow it. For more information, see http://go.microsoft.com/fwlink/?LinkID=212874. Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (IC="<asdf"). Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace: [HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (IC="<asdf").] System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) +324 System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection) +239 System.Web.HttpRequest.get_Form() +50 System.Web.HttpRequestWrapper.get_Form() +10 System.Web.Mvc.FormValueProvider..ctor(ControllerContext controllerContext) +36 System.Web.Mvc.FormValueProviderFactory.GetValueProvider(ControllerContext controllerContext) +32 System.Web.Mvc.<>c__DisplayClass6.<GetValueProvider>b__1(ValueProviderFactory factory) +34 System.Linq.WhereSelectEnumerableIterator`2.MoveNext() +164 System.Linq.WhereSelectEnumerableIterator`2.MoveNext() +87 System.Collections.Generic.List`1..ctor(IEnumerable`1 collection) +387 System.Linq.Enumerable.ToList(IEnumerable`1 source) +54 System.Web.Mvc.ValueProviderFactoryCollection.GetValueProvider(ControllerContext controllerContext) +251 System.Web.Mvc.ControllerBase.get_ValueProvider() +30 System.Web.Mvc.ControllerActionInvoker.GetParameterValue(ControllerContext controllerContext, ParameterDescriptor parameterDescriptor) +62 System.Web.Mvc.ControllerActionInvoker.GetParameterValues(ControllerContext controllerContext, ActionDescriptor actionDescriptor) +105 System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName) +311 System.Web.Mvc.Controller.ExecuteCore() +105 System.Web.Mvc.ControllerBase.Execute(RequestContext requestContext) +42 System.Web.Mvc.ControllerBase.System.Web.Mvc.IController.Execute(RequestContext requestContext) +10 System.Web.Mvc.<>c__DisplayClass8.<BeginProcessRequest>b__4() +31 System.Web.Mvc.Async.<>c__DisplayClass1.<MakeVoidDelegate>b__0() +16 System.Web.Mvc.Async.<>c__DisplayClass8`1.<BeginSynchronous>b__7(IAsyncResult _) +10 System.Web.Mvc.Async.WrappedAsyncResult`1.End() +50 System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +28 System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +9 System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +549 System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step) +132 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +163 |
|