Why Getting 'A Potentially Dangerous Request...' Error?

A

Anil Kripalani

When a user of our ASP.NET 1.1 application submits a form with the phrase
'manuscript:' in a text field, ASP returns the error 'A potentially
dangerous Request.Form value was detected from the client
(182:BodyField="manuscript: hello").' Why is this seemingly innocent text
triggering this error?

Thanks,
Krip
 
C

Curt_C [MVP]

"...manuscript: ....."
is similar to
".....javascript: ....."
Thinks it's a javascript function
 
E

Eric Lawrence [MSFT]

To be clear-- there are quite a few protocol strings (javascript: vbscript:
mocha: etc etc) which are supported by the universe of browsers. The HTML
InputValidation routines are pretty broad in order to avoid missing things.

--
Thanks,

Eric Lawrence
Program Manager
Assistance and Worldwide Services

This posting is provided "AS IS" with no warranties, and confers no rights.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Localization and Potentially Dangerous Request.Form Values 1
A potentially dangerous Request.Form value was detected from the client 2
Server.URLEncode and potentially dangerous string 1
"potentially dangerous Request.QueryString" error in ASP.Net app (VB.Net 2003) 2
Potentially dangerous script - urgent! 6
potentially dangerous Request.Form value was detected 2
Potentially dangerous Request.Form value for Cancel button Click 1
A potentially dangerous querystring ... [ValidateRequest] 5

Members online

No members online now.
Total: 58 (members: 1, guests: 57)
Robots: 159

Forum statistics

Threads
473,982
Messages
2,570,190
Members
46,736
Latest member
zacharyharris

Latest Threads

Top