本文介绍了在ASP.NET 4.0环境下集成CKEditor 3.5时遇到的安全验证错误,并提供了详细的解决方案,包括修改web.config文件及设置页面验证属性。
新发布的版本Ckeditor3.5 嵌入到 ASP.net 4.0 页面时报错如下:
Server Error in '/' Application.
A potentially dangerous Request.Form value was detected from the client
(ctl00$ContentPlaceHolder_Body$tbContent="<p>
地方</p>
").
Description:
Request Validation has detected a potentially dangerous client input value,
and processing of the request has been aborted. This value may indicate an
attempt to compromise the security of your application, such as a cross-site
scripting attack. To allow pages to override application request validation
settings, set the requestValidationMode attribute in the httpRuntime
configuration section to requestValidationMode="2.0". Example: <httpRuntime
requestValidationMode="2.0" />. After setting this value, you can then
disable request validation by setting validateRequest="false" in the Page
directive or in the <pages> configuration section. However, it is strongly
recommended that your application explicitly check all inputs in this case. For
more information, see http://go.microsoft.com/fwlink/?LinkId=153133.
Exception Details: System.Web.HttpRequestValidationException: A
potentially dangerous Request.Form value was detected from the client
(ctl00$ContentPlaceHolder_Body$tbContent="<p>
地方</p>
").
Source
Error:
The source code that generated this unhandled exception can only be
shown when compiled in debug mode. To enable this, please follow one of the
below steps, then request the URL:
1. Add a "Debug=true" directive at the
top of the file that generated the error. Example:
<%@ Page
Language="C#" Debug="true" %>
or:
2) Add the following section
to the configuration file of your
application:
<configuration>
<system.web>
<compilation
debug="true"/>
</system.web>
</configuration>
Note
that this second technique will cause all files within a given application to be
compiled in debug mode. The first technique will cause only that particular file
to be compiled in debug mode.
Important: Running applications in debug
mode does incur a memory/performance overhead. You should make sure that an
application has debugging disabled before deploying into production
scenario.
Stack Trace:
[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (ctl00$ContentPlaceHolder_Body$tbContent="<p>
地方</p>
").]
System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) +8734868
System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, RequestValidationSource requestCollection) +122
System.Web.HttpRequest.get_Form() +114
System.Web.HttpRequest.get_HasForm() +8900239
System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull) +97
System.Web.UI.Page.DeterminePostBackMode() +69
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +8431
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +253
System.Web.UI.Page.ProcessRequest() +78
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +21
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.ivxworksportal_admin_postarticles_aspx.ProcessRequest(HttpContext context) in c:/Users/Louis.Liu/AppData/Local/Temp/Temporary ASP.NET Files/root/c545485b/749daf0d/App_Web_hse3vdmf.0.cs:0
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +100
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1
解决办法:
第一步:
在web.config里面
第二步:
在嵌入ckeditor3.5页面的头部加如下代码:ValidateRequest="false"
OK,问题解决。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
