Handling an 'A potentially dangerous Request.Form value was detected' exception without deactivating validation

Anonymous User285819-Dec-2014

I am creating an ASP.NET application using C# for the scripting language. When I enter HTML code into the textboxes on my webpage I get the following exception 'A potentially dangerous Request.Form value was detected', as expected. I would like to be able to catch this exception so that I can put an error message out to the user, but I can only find articles on how to disable the validation; this is not something I'd like to do. Does anybody know where in the ASP.NET page lifecycle this exception would have to be handled, as I am having trouble catching it.

Thanks you.

c# exception handling validation

Updated on 20-Dec-2014

Anonymous User

I am a content writter !

Can you answer this question?

Answer

2 Answers

Norman Reedus

20-Dec-2014

I don't know 100% if this would work, but I do something similar for other situations, so I think it will. But try adding an Application_error handler in the global.asax, and look for that exception type, if Server.GetLastError() returns that exception type, try redirecting to your error page. I don't know what the exception type is, but that is easy to find (or just check the message).

Something like:

void Application_Error(..)
{
   var ex =Server.GetLastError();
   if (ex != null && ex is <whateverexceptiontype>) { // or check ex.Message matches
    
HttpContext.Current.Response.Redirect("niceerrorpage.aspx")
   }
}

Anonymous User

20-Dec-2014

to allow the html character you need to

change the attribute value of page directive <%@ Page ValidateRequest="false" you can apply this as global level via web.config file inside <system.web> section

forum

Handling an 'A potentially dangerous Request.Form value was detected' exception without deactivating validation

Anonymous User

2 Answers

Liked By