Home > DeveloperSection > Forums > Handling an 'A potentially dangerous Request.Form value was detected' exception without deactivating validation
jacob rasel
jacob rasel

Total Post:88

Posted on    December-19-2014 10:36 PM

 ASP.Net C#  Exception Handling  Validation 

 2 Reply(s)
 1217  View(s)
Rate this:

I am creating an ASP.NET application using C# for the scripting language. When I enter HTML code into the textboxes on my webpage I get the following exception 'A potentially dangerous Request.Form value was detected', as expected. I would like to be able to catch this exception so that I can put an error message out to the user, but I can only find articles on how to disable the validation; this is not something I'd like to do. Does anybody know where in the ASP.NET page lifecycle this exception would have to be handled, as I am having trouble catching it.


Thanks you.

Hugh Jackman
Hugh Jackman

Total Post:52

Posted on    December-20-2014 5:48 AM

to allow the html character you need to

change the attribute value of page directive <%@ Page ValidateRequest="false" you can apply this as global level via web.config file inside  <system.web> section


<pages validateRequest="false" />

Norman Reedus
Norman Reedus

Total Post:45

Posted on    December-20-2014 6:31 AM

I don't know 100% if this would work, but I do something similar for other situations, so I think it will. But try adding an Application_error handler in the global.asax, and look for that exception type, if Server.GetLastError() returns that exception type, try redirecting to your error page. I don't know what the exception type is, but that is easy to find (or just check the message).


Something like:


void Application_Error(..)


   var ex = Server.GetLastError();

   if (ex != null && ex is <whateverexceptiontype>) { // or check ex.Message matches




Don't want to miss updates? Please click the below button!

Follow MindStick