[ASP.NET]Error: A potentially dangerous Request.QueryString value was detected

最新推荐文章于 2015-01-15 08:48:07 发布
转载 最新推荐文章于 2015-01-15 08:48:07 发布 · 131 阅读 · 0 ·
CC 4.0 BY-SA版权
原文链接:http://www.cnblogs.com/hacker84/archive/2008/03/13/1103268.html

本文介绍了当使用.NET Framework 1.1时遇到的一个常见安全警告问题:Apotentially dangerous Request.QueryString value was detected from the client。文章提供了详细的解决方案,包括如何通过调整配置文件或页面指令来禁用请求验证,以此避免出现该安全提示。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

Error Message

"A potentially dangerous Request.QueryString value was detected from the client " 

Cause

.NET Framework 1.1 is installed on an application that was developed using .NET 1.0. .NET 1.1 uses a higher security setting by default, so a security message that 1.0 users don't see is visable.

Solution or Workaround

Disable these error messages by lowering the security settings. Set validateRequest=false in the Page directive of the *.aspx page that displayed the error. This will turn off request validation for that page only.

The first line should be similar to this in VB.NET:

< %@ Page Language = " vb "  AutoEventWireup = " false "  Codebehind = " WebForm1.aspx.vb "   Inherits = " TestWebGUI.WebForm1 "  validateRequest = false % >  
or
< configuration >
    < system .web >
       < pages  validateRequest ="false"   />
    </ system.web >
</ configuration >

Other References: Request Validation - Preventing Script Attacks

转载于:https://www.cnblogs.com/hacker84/archive/2008/03/13/1103268.html

W: GPG error: .... The following signatures couldn‘t be verified because the public key is not ava
qq_31024251的博客
01-14 641
W: GPG error: http://repo.zabbix.com/zabbix/3.4/ubuntu trusty InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 082AB56BA14FE591 W: The repository ‘http://repo.zabbix.com/zabbix/3.4/ubuntu trusty In
A potentially dangerous Request.QueryString value was detected from the client 的解决办法
pigHead_chen的专栏
04-23 2629
今天遇到一个问题,没见过。用QueryString 去接受 字符串“☞☞”时出错了,直接崩了。显示A potentially dangerous Request.QueryString value was detected from the client (title="☞☞&#9758..."). Description: Requ
利用jquery解决MVC下A potentially dangerous Request.QueryString value was detected from the client问题...
weixin_30687811的博客
05-11 168
其实A potentially dangerous Request.QueryString value was detected from the client错误原因是mvc检测了您的请求,如果有‘<’等字符串,就会有这个错误。解决办法在action前加 [AcceptVerbs(HttpVerbs.Post),ValidateInput(false)]public ActionResu...
解决ASP.NET的“A potentially dangerous Request... value was detected
MiNG 的专栏
09-04 3006
最近做一个简单的web项目(.NET Framework 3.5),自定义了一个handler(类似Java内的Servlet),本地开发环境(VS2012)测试没有问题,发布到服务器的IIS就出错了,访问handler映射地址时出现如下提示: A potentially dangerous Request.QueryString value was detected from the clie
MVC 请求参数中带有HTML会引发Validation异常 ("A potentially dangerous Request.Form value was detected from the cl...
weixin_30469895的博客
01-20 143
MVC中客户端传值到服务器端时,如果客户端字符串含有“</>"字样时就会报“检测到有潜在危险”("A potentially dangerous Request.Form value was detected from the client")的错误。 如:从客户端("test<br/>ttt")中检测到有潜在危险的 Request.Form 值。 解决方法A:在对应的...
A potentially dangerous Request.Form value was detected from the client
y_h_t的专栏
01-15 797
用户在页面上提交表单到服务器时,服务器会检测到一些潜在的输入风险,例如使用富文本编辑器控件(RichTextBox、FreeTextBox、CuteEditor等)编辑的内容中包含有HTML标记或脚本标记,ASP.NET页面会抛出一个"A potentially dangerous Request.Form value was deceted from the client"的异常。这个是ASP.
ASP.NET.Web.API.and.Angular.2.17864
10-17
Now, this front-end can change to a mobile app, a website, desktop app, but what you do at the back doesn't change and remains ASP.NET Web API. This book focuses on blending and connecting ASP.NET ...
2025-04-01 10:40:39.023 INFO [io.undertow.servlet] - Initializing Spring DispatcherServlet 'dispatcherServlet' 2025-04-01 10:40:39.025 INFO [org.springframework.web.servlet.DispatcherServlet] - Initializing Servlet 'dispatcherServlet' 2025-04-01 10:40:39.026 TRACE [org.springframework.web.servlet.DispatcherServlet] - Detected org.springframework.web.multipart.commons.CommonsMultipartResolver@58ec8271 2025-04-01 10:40:39.026 TRACE [org.springframework.web.servlet.DispatcherServlet] - Detected org.springframework.web.servlet.i18n.AcceptHeaderLocaleResolver@398694a6 2025-04-01 10:40:39.026 TRACE [org.springframework.web.servlet.DispatcherServlet] - Detected org.springframework.web.servlet.theme.FixedThemeResolver@3df04fa1 2025-04-01 10:40:39.028 TRACE [org.springframework.web.servlet.DispatcherServlet] - Detected DefaultRequestToViewNameTranslator 2025-04-01 10:40:39.029 TRACE [org.springframework.web.servlet.DispatcherServlet] - Detected SessionFlashMapManager 2025-04-01 10:40:39.030 DEBUG [org.springframework.web.servlet.DispatcherServlet] - enableLoggingRequestDetails='false': request parameters and headers will be masked to prevent unsafe logging of potentially sensitive data 2025-04-01 10:40:39.030 INFO [org.springframework.web.servlet.DispatcherServlet] - Completed initialization in 5 ms 2025-04-01 10:40:39.049 TRACE [org.springframework.web.servlet.DispatcherServlet] - GET "/big-screen/get-time-period-traffic?deviceType=3", parameters={masked}, headers={masked} in DispatcherServlet 'dispatcherServlet' 2025-04-01 10:40:39.050 TRACE [o.s.w.s.m.m.a.RequestMappingHandlerMapping] - Mapped to com.syzn.dv.biz.bigscreen.northbound.controller.BigScreenController#getTimePeriodTraffic(BigScreenCommonReq) 2025-04-01 10:40:39.074 TRACE [org.springframework.web.method.HandlerMethod] - Arguments: [BigScreenCommonReq(direction=null, deviceType=3, startDate=null, endDate=null)] 2025-04-01 10:40:39.088 DEBUG [org.mybatis.spring.SqlSessionUtils] - Creating a new SqlSession 2025
04-02
- 日志关键词:`DispatcherServlet with name 'dispatcher' processing GET request` - 对应`doDispatch()`方法入口,记录请求方法、URI、参数 - 示例日志: ```log DEBUG o.s.web.servlet.DispatcherServlet -...
计算机组成教学课件:Chapter2 Machine Instruction.ppt
06-14
This chapter covers a comprehensive range of topics, including instruction sequencing, instruction formats, addressing modes, stacks, subroutines, additional instructions, and the comparison between ...
操作系统概念英文课件:Chapter 6 Process Synchronization.ppt
09-17
Semaphores are a widely used synchronization mechanism that maintain a count and allow processes to request and release units of a resource. Two types of semaphores are binary semaphores (which can be...
关于potentially dangerous Request.Cookies value的解决
dianwo2466的博客
01-02 203
错误提示: A potentially dangerous Request.Form value was detected from the client (txtTest="<b>"). 由于在.net中,Request时出现有HTML或Javascript等字符串时,系统会认为是危 险性值。立马报错。 解决方案一: 在.aspx文件头中加入这句: <%...
ASP.net 4.0嵌入Ckeditor 3.5 报错A potentially dangerous Request.Form value was detected from the client 的解决办法
东亮博客
03-29 3405
<br />新发布的版本Ckeditor3.5 嵌入到 ASP.net 4.0 页面时报错如下:<br /><br />--------------------------------------------------------------------------------<br /><br />Server Error in '/' Application. <br />-----------------------------------------------------------------
VS.NET常见错误及解决方法集锦
远方星空
05-04 1494
.vs.net在新建工程时弹出"Automation 服务器不能创建对象"的解决方案原因是FileSystemObject创建失败的问题,解决的方法:运行Regsvr32 scrrun.dll二. 错误提示: A potentially dangerous Request.Form value was detected from the client (txtTest=""). 由于在.net
出现错误‘A potentially dangerous Request.Form value was detected from the client’的解决方案...
weixin_30731287的博客
12-24 216
ASP.NET中出现A potentially dangerous Request.Form value was detected from the client错误是因为Request时出现有HTML或Javascript等字符串时,系统会认为是危险性值。解决方案: 在.aspx文件头中加入: <%@ Page validateRequest="false" %>   ...
A potentially dangerous Request.Path value was detected from the client 异常
05-13 2821
<br />我们在ASP.net 4.0 中使用URL导向后, 我们在访问类似如下的地址时 http://wz.csdn.net/yanjinde77/一个面试题!********/,就会报错误:  <br />A potentially dangerous Request.Path value was detected from the client <br />at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()   <br />at S
A potentially dangerous Request.Form value was detected from the client (txtTest="").
东亮博客
03-21 2936
<br /><br />错误提示: <br />A potentially dangerous Request.Form value was detected from the client<br />(txtTest="<b>").<br />由于在.net中,Request时出现有HTML或Javascript等字符串时,系统会认为是危<br />险性值。立马报错。<br />解决方案一: <br />在.aspx文件头中加入这句: <br /><%@ Page validateRequest="fal
nt!DbgBreakPointWithStatus: fffff805`7affd0b0 cc int 3 kd> ed nt!Kd_DEFAULT_Mask 0xFFFFFFFF kd> ed nt!Kd_IHVDRIVER_Mask 0xFFFFFFFF kd> g [+] [DriverEntry] 驱动加载开始 [+] [DriverEntry] 驱动加载成功 [+] [ProcessNotifyCallback] 目标进程 oxygen.exe 创建 (PID: 7948) [+] [ProcessNotifyCallback] 工作线程已创建 [+] Worker thread started for hook installation [+] [InstallHook] 找到目标函数地址: FFFFF8057B2EFB60 [PTE_HOOK] 跳板池分配成功: 地址=0xFFFFCF812F9C8000, 大小=32768字节 [PTE_HOOK] 构造跳转指令: 目标地址: 0xFFFFF805802B14E0 跳板位置: 0xFFFFCF812F9C8000 指令大小: 18字节 写入跳板结构到 0xFFFFCF812F9C8000: FF 25 00 00 00 00 00 00 00 00 E0 14 2B 80 05 F8 FF FF 反汇编跳板指令: Break instruction exception - code 80000003 (first chance) nt!KeCheckStackAndTargetAddress+0x53: fffff805`7ae8da03 cc int 3 kd> g KDTARGET: Refreshing KD connection *** Fatal System Error: 0x00000139 (0x0000000000000000,0x0000000000000000,0x0000000000000000,0x0000000000000000) Break instruction exception - code 80000003 (first chance) A fatal system error has occurred. Debugger entered on first try; Bugcheck callbacks have not been invoked. A fatal system error has occurred. For analysis of this file, run !analyze -v nt!DbgBreakPointWithStatus: fffff805`7affd0b0 cc int 3 kd> !analyze -v Connected to Windows 10 19041 x64 target at (Tue Jun 24 23:20:51.742 2025 (UTC + 8:00)), ptr64 TRUE Loading Kernel Symbols .................................... Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long. Run !sym noisy before .reload to track down problems loading symbols. ........................... ................................................................ ..................................................... Loading User Symbols Loading unloaded module list ...... ERROR: FindPlugIns 8007007b ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* KERNEL_SECURITY_CHECK_FAILURE (139) A kernel component has corrupted a critical data structure. The corruption could potentially allow a malicious user to gain control of this machine. Arguments: Arg1: 0000000000000000, A stack-based buffer has been overrun. Arg2: 0000000000000000, Address of the trap frame for the exception that caused the BugCheck Arg3: 0000000000000000, Address of the exception record for the exception that caused the BugCheck Arg4: 0000000000000000, Reserved Debugging Details: ------------------ Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long. Run !sym noisy before .reload to track down problems loading symbols. KEY_VALUES_STRING: 1 Key : Analysis.CPU.mSec Value: 3750 Key : Analysis.Elapsed.mSec Value: 44828 Key : Analysis.IO.Other.Mb Value: 0 Key : Analysis.IO.Read.Mb Value: 2 Key : Analysis.IO.Write.Mb Value: 0 Key : Analysis.Init.CPU.mSec Value: 3625 Key : Analysis.Init.Elapsed.mSec Value: 71532 Key : Analysis.Memory.CommitPeak.Mb Value: 62 Key : Analysis.Version.DbgEng Value: 10.0.27829.1001 Key : Analysis.Version.Description Value: 10.2503.24.01 amd64fre Key : Analysis.Version.Ext Value: 1.2503.24.1 Key : Bugcheck.Code.KiBugCheckData Value: 0x139 Key : Bugcheck.Code.LegacyAPI Value: 0x139 Key : Bugcheck.Code.TargetModel Value: 0x139 Key : Failure.Bucket Value: 0x139_0_LEGACY_GS_VIOLATION_nt!guard_icall_bugcheck Key : Failure.Hash Value: {9bee41a7-2ef9-07ca-7e59-7d5a0c6e2d05} Key : Hypervisor.Enlightenments.Value Value: 12576 Key : Hypervisor.Enlightenments.ValueHex Value: 0x3120 Key : Hypervisor.Flags.AnyHypervisorPresent Value: 1 Key : Hypervisor.Flags.ApicEnlightened Value: 0 Key : Hypervisor.Flags.ApicVirtualizationAvailable Value: 0 Key : Hypervisor.Flags.AsyncMemoryHint Value: 0 Key : Hypervisor.Flags.CoreSchedulerRequested Value: 0 Key : Hypervisor.Flags.CpuManager Value: 0 Key : Hypervisor.Flags.DeprecateAutoEoi Value: 1 Key : Hypervisor.Flags.DynamicCpuDisabled Value: 0 Key : Hypervisor.Flags.Epf Value: 0 Key : Hypervisor.Flags.ExtendedProcessorMasks Value: 0 Key : Hypervisor.Flags.HardwareMbecAvailable Value: 0 Key : Hypervisor.Flags.MaxBankNumber Value: 0 Key : Hypervisor.Flags.MemoryZeroingControl Value: 0 Key : Hypervisor.Flags.NoExtendedRangeFlush Value: 1 Key : Hypervisor.Flags.NoNonArchCoreSharing Value: 0 Key : Hypervisor.Flags.Phase0InitDone Value: 1 Key : Hypervisor.Flags.PowerSchedulerQos Value: 0 Key : Hypervisor.Flags.RootScheduler Value: 0 Key : Hypervisor.Flags.SynicAvailable Value: 1 Key : Hypervisor.Flags.UseQpcBias Value: 0 Key : Hypervisor.Flags.Value Value: 536632 Key : Hypervisor.Flags.ValueHex Value: 0x83038 Key : Hypervisor.Flags.VpAssistPage Value: 1 Key : Hypervisor.Flags.VsmAvailable Value: 0 Key : Hypervisor.RootFlags.AccessStats Value: 0 Key : Hypervisor.RootFlags.CrashdumpEnlightened Value: 0 Key : Hypervisor.RootFlags.CreateVirtualProcessor Value: 0 Key : Hypervisor.RootFlags.DisableHyperthreading Value: 0 Key : Hypervisor.RootFlags.HostTimelineSync Value: 0 Key : Hypervisor.RootFlags.HypervisorDebuggingEnabled Value: 0 Key : Hypervisor.RootFlags.IsHyperV Value: 0 Key : Hypervisor.RootFlags.LivedumpEnlightened Value: 0 Key : Hypervisor.RootFlags.MapDeviceInterrupt Value: 0 Key : Hypervisor.RootFlags.MceEnlightened Value: 0 Key : Hypervisor.RootFlags.Nested Value: 0 Key : Hypervisor.RootFlags.StartLogicalProcessor Value: 0 Key : Hypervisor.RootFlags.Value Value: 0 Key : Hypervisor.RootFlags.ValueHex Value: 0x0 Key : SecureKernel.HalpHvciEnabled Value: 0 Key : WER.OS.Branch Value: vb_release Key : WER.OS.Version Value: 10.0.19041.1 BUGCHECK_CODE: 139 BUGCHECK_P1: 0 BUGCHECK_P2: 0 BUGCHECK_P3: 0 BUGCHECK_P4: 0 FAULTING_THREAD: ffffbd046bee5080 TRAP_FRAME: ffff800000000000 -- (.trap 0xffff800000000000) Unable to read trap frame at ffff8000`00000000 Resetting default scope EXCEPTION_RECORD: 0000000000000000 -- (.exr 0x0) Cannot read Exception record @ 0000000000000000 PROCESS_NAME: System STACK_TEXT: fffffc89`cb028028 fffff805`7b111882 : fffffc89`cb028190 fffff805`7af7c940 00000000`00000100 00000000`00000000 : nt!DbgBreakPointWithStatus fffffc89`cb028030 fffff805`7b110e66 : 00000000`00000003 fffffc89`cb028190 fffff805`7b00a0c0 00000000`00000139 : nt!KiBugCheckDebugBreak+0x12 fffffc89`cb028090 fffff805`7aff5317 : fffff805`7ac00000 00000000`00000001 fffffc89`cb029a38 fffff805`7aea29a5 : nt!KeBugCheck2+0x946 fffffc89`cb0287a0 fffff805`7affdd1b : 00000000`00000139 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx+0x107 fffffc89`cb0287e0 fffff805`7ae8da0c : fffffc89`cb028878 fffffc89`cb0288b8 00000000`00000000 fffffc89`cb028920 : nt!guard_icall_bugcheck+0x1b fffffc89`cb028810 fffff805`7afcbe6b : fffff805`7aea29a5 fffff805`7acd158c 00000000`00000000 00000000`00000000 : nt!KeCheckStackAndTargetAddress+0x5c fffffc89`cb028840 fffff805`7affe0d2 : fffff805`7acd158c fffffc89`cb028e20 fffff805`7afcbe30 00000000`00000000 : nt!_C_specific_handler+0x3b fffffc89`cb0288b0 fffff805`7ae52db7 : fffffc89`cb028e20 00000000`00000000 fffffc89`cb029c10 fffff805`7aea29a5 : nt!RtlpExecuteHandlerForException+0x12 fffffc89`cb0288e0 fffff805`7ae519a6 : fffffc89`cb0297f8 fffffc89`cb029530 fffffc89`cb0297f8 fffffc89`cb029a9a : nt!RtlDispatchException+0x297 fffffc89`cb029000 fffff805`7b0072ac : 00000000`00001000 fffffc89`cb0298a0 ffff8000`00000000 00000000`00000000 : nt!KiDispatchException+0x186 fffffc89`cb0296c0 fffff805`7b003443 : fffffc89`cb029a48 fffffc89`cb029990 fffffc89`cb0299a0 fffff805`7affd0d5 : nt!KiExceptionDispatch+0x12c fffffc89`cb0298a0 00000000`00000000 : fffff805`802b19e9 fffff805`802b2ce0 00000000`000000b8 00000000`00000000 : nt!KiPageFault+0x443 SYMBOL_NAME: nt!guard_icall_bugcheck+1b MODULE_NAME: nt IMAGE_NAME: ntkrnlmp.exe STACK_COMMAND: .process /r /p 0xffffbd046545f1c0; .thread 0xffffbd046bee5080 ; kb BUCKET_ID_FUNC_OFFSET: 1b FAILURE_BUCKET_ID: 0x139_0_LEGACY_GS_VIOLATION_nt!guard_icall_bugcheck OS_VERSION: 10.0.19041.1 BUILDLAB_STR: vb_release OSPLATFORM_TYPE: x64 OSNAME: Windows 10 FAILURE_ID_HASH: {9bee41a7-2ef9-07ca-7e59-7d5a0c6e2d05} Followup: MachineOwner --------- kd> u FFFFCF812F9C8000 ffffcf81`2f9c8000 ff2500000000 jmp qword ptr [ffffcf81`2f9c8006] ffffcf81`2f9c8006 0000 add byte ptr [rax],al ffffcf81`2f9c8008 0000 add byte ptr [rax],al ffffcf81`2f9c800a e014 loopne ffffcf81`2f9c8020 ffffcf81`2f9c800c 2b8005f8ffff sub eax,dword ptr [rax-7FBh] ffffcf81`2f9c8012 dd75f5 fnsave [rbp-0Bh] ffffcf81`2f9c8015 5d pop rbp ffffcf81`2f9c8016 7df7 jge ffffcf81`2f9c800f这是什么错误?写入时候的错误还是执行hook内容的错误?
最新发布
06-25
我们遇到了一个蓝屏错误:KERNEL_SECURITY_CHECK_... DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_ERROR_LEVEL, "[PTE_HOOK] 错误: 跳板地址未对齐 (0x%p)\n", trampoline); return false; } // 2. 禁用写保护 ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值