Hi guys, I get about errors a day all similar to this: "System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (?)." "HTTP_CONNECTION:keep-alive HTTP_ACCEPT:*/* HTTP_ACCEPT_ENCODING:gzip, deflate HTTP_ACCEPT_LANGUAGE:en-us HTTP_COOKIE:__utma=145384224.318957917.1329232990.1329232990.1329232990.1; __utmb=145384224.1.10.1329232990; __utmc=145384224; __utmz=145384224.1329232990.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=hindu%20tattoo HTTP_HOST:www.easymuaythai.com HTTP_REFERER:http://www.google.com/search?um=1&hl=en&client=safari&tbo=d&biw=768&bih=928&tbm=isch&sa=1&q=hindu+tattoo&oq=hindu+tattoo&aq=f&aqi=g10&aql=&gs_sm=3&gs_upl=286712l289980l0l290393l8l8l0l0l0l0l222l932l3.4.1l8l0 HTTP_USER_AGENT:Mozilla/5.0 (iPad; CPU OS 5_0_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A405 Safari/7534.48.3" Ok so I did some research and this is because asp.net automatically guards against HTML injection in the URL. Now I did paste the URL in my browser and it didn't give me any errors. Does anyone know what can cause this? Some things that come to mind: -I have a url rewrite rule in IIS to stop image hotlinking -I can disable request.validation, but this hardly seems like a good solution. Thanks for any input.
here is solution i hope it helps Please try to set ValidateRequest="false" in the page directive. Depending on what version of ASP.NET you are using, you may need to add the following web.config setting: <httpRuntime requestValidationMode="2.0" /> Regards Alex
Hardly seems like a good solution to me. Why is this error thrown anyway? There is no html in that url.