本文介绍了从客户端检测到有潜在危险的Request.Form值(的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
可能重复:结果 A可能是从客户端检测到危险的Request.Form值
我收到错误消息:结果
A可能是从客户端检测到危险的Request.Form值 (ctl00 $ $日程地址搜索Maincontent = textboxError ...结果我跑asp后(C#)Web应用程序。我该如何解决?
下面是我的code。
使用系统;使用System.Data这;使用System.Configuration;使用的System.Web;使用System.Web.Security;使用System.Web.UI程序;使用System.Web.UI.WebControls;使用System.Web.UI.HtmlControls;使用System.Net;使用System.Text.RegularEx pressions;命名空间SMS{公共部分类_Default:System.Web.UI.Page{保护无效的Page_Load(对象发件人,EventArgs的发送){ textboxRecipient.Width = 400; textboxMessage.Width = 450; textboxMessage.Rows = 10; textboxError.Width = 400; textboxError.Rows = 5; textboxError.ForeColor = System.Drawing.Color.Red; textboxError.Visible = FALSE; textboxError.Text =; 如果(!Page.IsPostBack) { textboxRecipient.Text =85593840396; textboxMessage.Text =的Hello World!; }}保护无效buttonSendOnClick(对象发件人,EventArgs的发送){ 如果(textboxRecipient.Text ==) { textboxError.Text + =收件人(S)字段不能为空\\ n!; textboxError.Visible = TRUE; 返回; } 字符串ozSURL =http://127.0.0.1; //其中大关NG短信网关运行 字符串ozSPort =9501; //其中大关NG短信网关的侦听端口号 字符串ozUser = HttpUtility.UrlEn code(tenh); //用户名登录成功 字符串ozPassw = HttpUtility.UrlEn code(tenh123); //用户密码 字符串ozMessageType =短信:TEXT; //消息的类型 字符串ozRecipients = HttpUtility.UrlEn code(textboxRecipient.Text); 字符串ozMessageData = HttpUtility.UrlEn code(textboxMessage.Text); 串createdURL = ozSURL +:+ ozSPort +/ httpapi+ ?行动=的sendMessage+ &放大器;用户名=+ ozUser + &放大器;密码=+ ozPassw + 与&为messageType =+ ozMessageType + 与&收件人=+ ozRecipients + 与& messageData =+ ozMessageData; 尝试 { HttpWebRequest的myReq =(HttpWebRequest的)WebRequest.Create(createdURL); HttpWebResponse myResp =(HttpWebResponse)myReq.GetResponse(); 就是System.IO.StreamReader respStreamReader =新 就是System.IO.StreamReader(myResp.GetResponseStream()); 字符串responseString = respStreamReader.ReadToEnd(); respStreamReader.Close(); myResp.Close(); //通知用户 textboxError.Text = responseString; textboxError.Visible = TRUE; } 赶上(例外) { textboxError.Text =大关NG短信网关服务器没有运行!; textboxError.Visible = TRUE; } } } }我已经C $ CS下面我的web.config加$:
validateRequest =假和requestValidationMode =2.0解决方案
不知道为什么 validateRequest =false的不工作。 错误原因:因为你是从一个网页,其中包含HTML标签和文本框文本属性不允许HTML字符串分配给它,所以你必须要使用的HTML标签转换的方法获取数据的相当于code。使用 HTML.En code 而分配方法 responseString 到 textboxError.Text 。这种方法潜在的不安全字符转换为它们的HTML-CN codeD等价的。
textboxError.Text = Server.HTMLEn code(responseString);Possible Duplicate: A potentially dangerous Request.Form value was detected from the client
I got error messages:
A potentially dangerous Request.Form value was detected from the client (ctl00$MainContent$textboxError=...after I run asp (C#) web application. how can I fix it?
Here is my code.
using System; using System.Data; using System.Configuration; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.HtmlControls; using System.Net; using System.Text.RegularExpressions; namespace SMS { public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { textboxRecipient.Width = 400; textboxMessage.Width = 450; textboxMessage.Rows = 10; textboxError.Width = 400; textboxError.Rows = 5; textboxError.ForeColor = System.Drawing.Color.Red; textboxError.Visible = false; textboxError.Text = ""; if (!Page.IsPostBack) { textboxRecipient.Text = "+85593840396"; textboxMessage.Text = "Hello World!"; } } protected void buttonSendOnClick(object sender, EventArgs e) { if (textboxRecipient.Text == "") { textboxError.Text += "Recipient(s) field must not be empty!\n"; textboxError.Visible = true; return; } string ozSURL = "127.0.0.1"; //where Ozeki NG SMS Gateway is running string ozSPort = "9501"; //port number where Ozeki NG SMS Gateway is listening string ozUser = HttpUtility.UrlEncode("tenh"); //username for successful login string ozPassw = HttpUtility.UrlEncode("tenh123"); //user's password string ozMessageType = "SMS:TEXT"; //type of message string ozRecipients = HttpUtility.UrlEncode(textboxRecipient.Text); string ozMessageData = HttpUtility.UrlEncode(textboxMessage.Text); string createdURL = ozSURL + ":" + ozSPort + "/httpapi" + "?action=sendMessage" + "&username=" + ozUser + "&password=" + ozPassw + "&messageType=" + ozMessageType + "&recipient=" + ozRecipients + "&messageData=" + ozMessageData; try { HttpWebRequest myReq = (HttpWebRequest)WebRequest.Create(createdURL); HttpWebResponse myResp = (HttpWebResponse)myReq.GetResponse(); System.IO.StreamReader respStreamReader=new System.IO.StreamReader(myResp.GetResponseStream()); string responseString = respStreamReader.ReadToEnd(); respStreamReader.Close(); myResp.Close(); //inform the user textboxError.Text = responseString; textboxError.Visible = true; } catch (Exception) { textboxError.Text = "Ozeki NG SMS Gateway Server is not running!"; textboxError.Visible = true; } } } }I already add codes below to my web.config :
validateRequest="false" and requestValidationMode="2.0"解决方案
Don't know why validateRequest="false" is not working. Error Reason: Because you are getting data from a web page which contains Html tags and textbox text property does not allow to assign html strings to it, so you have to use a method which converts html tags to their equivalent code. Use HTML.Encode Method while assigning responseString to the textboxError.Text. This method converts potentially unsafe characters to their HTML-encoded equivalent.
textboxError.Text = Server.HTMLEncode(responseString);
更多推荐
从客户端检测到有潜在危险的Request.Form值(
发布评论