我让数据库中输入数据时~只要内容喊有html标签~如 <html> , <table> 等等~就报错~
报错内容如下:
Server Error in '/房产网 ' Application.
--------------------------------------------------------------------------------
A potentially dangerous Request.Form value was detected from the client (nr= " <html> ").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (nr= " <html> ").
请问怎么解决?
------解决方法--------------------------------------------------------
<%@ Page language= "c# " Codebehind= "xxx.aspx.cs " AutoEventWireup= "false " Inherits= "xxxx.xxx " validateRequest= "false "%>
或者 webconfig
<pages validateRequest= "false "> </pages>
------解决方法--------------------------------------------------------
<%@ Page language= "c# " Codebehind= "xxx.aspx.cs " AutoEventWireup= "false " Inherits= "xxxx.xxx " validateRequest= "false "%>
或者 webconfig
<pages validateRequest= "false "> </pages>
------解决方法--------------------------------------------------------
在 <%@Page%> 里加validateRequest= "false "
