It is trying to prevent SQL injection. INNER JOIN Table t ON t.Id = OtherTable1.Id
Hope this helps.
Tim
Thank you! At least I know why I can't have "ON ="!
One more thing. Why would the text Ontario = 45 also fail? Wouldn't this be different enough for it to know it is not sql? Because the text Alberta = 45 works.
You could maybe have a JS function that searches the text before it is sumbitted to the server. And if your text contains certain keywords, do something special in that scenario. Kind of pain I know. :-)
Hi had the same when someone tryin to use &# . A potentially dangerous Request.Form value was detected from the klient. Somebody knows why &# is dangerous? Is it html or sql code?
sc1977
Member
26 Points
12 Posts
Re: A potentially dangerous Request.Form value was detected from the client
Mar 18, 2008 01:23 PM|LINK
One more thing. Why would the text Ontario = 45 also fail? Wouldn't this be different enough for it to know it is not sql? Because the text Alberta = 45 works.
Can you tell I'm Canadian?
stratboogie
Participant
842 Points
206 Posts
Re: A potentially dangerous Request.Form value was detected from the client
Mar 18, 2008 01:29 PM|LINK
My guess would be it conains "ON" and "="
You could maybe have a JS function that searches the text before it is sumbitted to the server. And if your text contains certain keywords, do something special in that scenario. Kind of pain I know. :-)
Tim
babuji_godem
Member
109 Points
57 Posts
Re: A potentially dangerous Request.Form value was detected from the client
Mar 06, 2009 11:02 AM|LINK
its working in my scenerio
thanking you very much .
Human Logic Pvt Ltd.
rnv.kalz
Member
14 Points
8 Posts
Re: A potentially dangerous Request.Form value was detected from the client
Mar 22, 2010 09:11 PM|LINK
1) For ASP.NET MVC we have to add [ValidateInput(false)] on top of the action result so that it will not validate the field at run-time.
2 )Nothing else would work..Ex: adding ValidateInput = "false" to the Pagedirective (in the view)
or
3) adding ValidateInput = "false" it in the web.config.
Once again for MVC only the First Solution will work. 2nd and 3rd solution will not work.
sandeep.cs3
Member
30 Points
23 Posts
Re: A potentially dangerous Request.Form value was detected from the client
Nov 27, 2010 08:30 PM|LINK
You need to do couple of modification to you application to get this fixed.Have a look.
1. Add <httpRuntime requestValidationMode="2.0" /> in you application web.config
2. Add RequestValidation="false" on your page
A potentially dangerous Request.Form value was detected
asp. net
sajidali3387
Member
113 Points
53 Posts
Re: A potentially dangerous Request.Form value was detected from the client
Jul 11, 2011 10:42 AM|LINK
Is there any other way beside setting the validaterequest to false ???
datapoint.pl
Member
6 Points
3 Posts
Re: A potentially dangerous Request.Form value was detected from the client
Jul 20, 2011 08:10 AM|LINK
Hi had the same when someone tryin to use &# . A potentially dangerous Request.Form value was detected from the klient. Somebody knows why &# is dangerous? Is it html or sql code?
Thanks
sajidali3387
Member
113 Points
53 Posts
Re: A potentially dangerous Request.Form value was detected from the client
Jul 20, 2011 09:44 AM|LINK
This is because of # symbol.
It is used in store procedure to declare local temporary tables that's why it's carraying
A potentially dangerous Request.Form value was detected from the client.
It's also notable that it's not required that it should be valid keyword of sql to generate this error.
datapoint.pl
Member
6 Points
3 Posts
Re: A potentially dangerous Request.Form value was detected from the client
Jul 20, 2011 09:50 AM|LINK
but if im useing for example 3# or any different option its fine, it happens only with &#
sajidali3387
Member
113 Points
53 Posts
Re: A potentially dangerous Request.Form value was detected from the client
Jul 20, 2011 01:09 PM|LINK
Paste the code where you are assigning value.
It's important to note which language you are working on because & symbol is also used in vb to concatnate two strings.