A potentially dangerous Request.QueryString value was detected from the client 的解决办法

最新推荐文章于 2018-05-10 13:24:08 发布
原创 最新推荐文章于 2018-05-10 13:24:08 发布 · 2.6k 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#validation #scripting #application #security #processing #string

本文介绍了当使用QueryString接收特定特殊字符时出现的安全验证错误,并提供了禁用验证的解决方案。

今天遇到一个问题,没见过。

用QueryString 去接受 字符串“☞☞”时出错了,直接崩了。

显示

A potentially dangerous Request.QueryString value was detected from the client (title="☞☞&#9758...").

Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.QueryString value was detected from the client (title="☞☞&#9758...").

Source Error: 

[No relevant source lines]

Source File: c:/windows/Microsoft.NET/Framework/v2.0.50727/Temporary ASP.NET Files/root/8046b68d/14bc268/App_Web_7uz1szh1.0.cs    Line: 0

Stack Trace: 

[HttpRequestValidationException (0x80004005): A potentially dangerous Request.QueryString value was detected from the client (title="☞☞&#9758...").]
   System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName) +8721914
   System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName) +111
   System.Web.HttpRequest.get_QueryString() +129
   System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull) +65
   System.Web.UI.Page.DeterminePostBackMode() +63
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6785
   System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +242
   System.Web.UI.Page.ProcessRequest() +80

 

原因:

Microsoft .NET Framework 1.1 causes this due to enhanced security features (request validation).  Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted.  This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack.  You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section of Web.config.  However, it is strongly recommended that your application explicitly check all inputs in this case.

 

 

网上搜了搜发现解决办法。

Set the value of validateRequest attribute of pages element to false.

 

 

项目服务间访问提示The request was rejected because the URL contained a potentially malicious String “//“
喜羊羊love红太狼
01-23 1511
1.开发过程最好是按照规范开发,可以避免诸如此类低级问题。比如项目中前缀是那么controller统一这样的话拼接到一起就不会有双横线问题了2.当然如果允许路径中存在双横线则可以在security中添加配置@Bean//此处可添加别的规则,目前只设置 允许双 //
The request was rejected because the URL contained a potentially malicious String “//“
最新发布
Gavin
12-25 320
一个导入按钮,将文件的中的内容处理后写入数据库,似乎这样写没有什么问题,但是在导入过程中报错了.
利用jquery解决MVC下A potentially dangerous Request.QueryString value was detected from the client问题...
weixin_30687811的博客
05-11 176
其实A potentially dangerous Request.QueryString value was detected from the client错误原因是mvc检测了您的请求,如果有‘<’等字符串,就会有这个错误。解决办法在action前加 [AcceptVerbs(HttpVerbs.Post),ValidateInput(false)]public ActionResu...
[ASP.NET]Error: A potentially dangerous Request.QueryString value was detected
weixin_30488313的博客
03-13 141
Error Message"A potentially dangerous Request.QueryString value was detected from the client&nbsp;"&nbsp;Cause.NET Framework 1.1 is installed on an application that was developed using ....
解决ASP.NET的“A potentially dangerous Request... value was detected
MiNG 的专栏
09-04 3028
最近做一个简单的web项目(.NET Framework 3.5),自定义了一个handler(类似Java内的Servlet),本地开发环境(VS2012)测试没有问题,发布到服务器的IIS就出错了,访问handler映射地址时出现如下提示: A potentially dangerous Request.QueryString value was detected from the clie
错误解决:[A potentially dangerous Request.Form value was detected from the client]
大伟先生
02-18 1444
错误提示: 从客户端(TextBox1=" A potentially dangerous Request.Form value was detected from theclient (txtTest="").由于在.net中,Request时出现有HTML或Javascript等字符串时,系统会认为是危险性值。立马报错。 解决方案一: 在.aspx文件头中加入这句: <%@ Page
A potentially dangerous Request.Form value was detected from the client
weixin_34024034的博客
11-13 88
A potentially dangerous Request.Form value was detected from the client 针对这个问题,以前在.net Framework2.0里,只要修改<pages validateRequest="false" />就可以但是现在在4.0里,需要修改The request validation featur...
The request was rejected because the URL contained a potentially malicious String "%25",这种异常如何解决
06-10
为了解决这种异常,可以尝试以下几种方法: 1. 修改请求中的 URL,将 %25 替换为 %2525,这样可以避免被误解为攻击字符串。 2. 对请求中的 URL 进行合理的编码,避免出现不规范的编码方式。 3. 在服务器端进行...
The request was rejected because the URL contained a potentially malicious String "//"
07-27
- *3* [The request was rejected because the URL contained a potentially malicious String “%2e](https://blog.csdn.net/qq_42483257/article/details/122426009)[target="_blank" data-report-click={"spm":...
尝试围绕“潜在危险的Request.Form”捕获块
04-05
在具体实践中,你可以阅读"try-catch-block-around-A-potentially-dangerous-Req.pdf"文件,它很可能提供了更深入的讲解,包括如何构造有效的try-catch块以及处理特定异常的策略。这个文件应该详细介绍了在处理可能...
ASP.net 4.0嵌入Ckeditor 3.5 报错A potentially dangerous Request.Form value was detected from the client解决办法
东亮博客
03-29 3417
<br />新发布的版本Ckeditor3.5 嵌入到 ASP.net 4.0 页面时报错如下:<br /><br />--------------------------------------------------------------------------------<br /><br />Server Error in '/' Application. <br />-----------------------------------------------------------------
MVC 请求参数中带有HTML会引发Validation异常 ("A potentially dangerous Request.Form value was detected from the cl...
weixin_30469895的博客
01-20 151
MVC中客户端传值到服务器端时,如果客户端字符串含有“</>"字样时就会报“检测到有潜在危险”("A potentially dangerous Request.Form value was detected from the client")的错误。 如:从客户端("test<br/>ttt")中检测到有潜在危险的 Request.Form 值。 解决方法A:在对应的...
Additional information: A potentially dangerous Request.Form value was detected from the client
BIGPIG个人笔记
08-08 3533
刚刚在写一个ASP.NET MVC项目的时候
关于potentially dangerous Request.Cookies value的解决
dianwo2466的博客
01-02 214
错误提示: A potentially dangerous Request.Form value was detected from the client (txtTest="<b>"). 由于在.net中,Request时出现有HTML或Javascript等字符串时,系统会认为是危 险性值。立马报错。 解决方案一: 在.aspx文件头中加入这句: <%...
VS.NET常见错误及解决方法集锦
远方星空
05-04 1505
.vs.net在新建工程时弹出"Automation 服务器不能创建对象"的解决方案原因是FileSystemObject创建失败的问题,解决的方法:运行Regsvr32 scrrun.dll二. 错误提示: A potentially dangerous Request.Form value was detected from the client (txtTest=""). 由于在.net中
出现错误‘A potentially dangerous Request.Form value was detected from the client’的解决方案...
weixin_30731287的博客
12-24 230
在ASP.NET中出现A potentially dangerous Request.Form value was detected from the client错误是因为Request时出现有HTML或Javascript等字符串时,系统会认为是危险性值。解决方案: 在.aspx文件头中加入: <%@ Page validateRequest="false" %>   ...
从客户端中检测到有危险的 Request.QueryString 值 的解决方法
时间蜗牛的博客
05-10 5160
如果在页面中,将文本编辑器内的文本内容直接提交给后台后提示“存在危险的 Request.QueryString 值“,如下图所示 错误发生的原因 那是因为文本编辑器自动设置了文本的格式,即添加了各种HTML标签,所以我们在使用里面的内容时,需要在前台用JS方法将HTML标签进行编码,将编码后的文本内容传递给后台,在后台用C#的方法将它解码成HTML标签后存到数据库中。 编码后的内容
The request was rejected because the URL contained a potentially malicious String “;
06-14
遇到"The request was rejected because the URL contained a potentially malicious string ‘;’"这样的错误提示,通常意味着服务器检测到了URL中存在可能被视为安全威胁的字符序列。在HTTP请求中,特别是...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值