我让数据库中输入数据时~只要内容喊有html标签~如<html>,<table>等等~就报错~
报错内容如下:
Server Error in '/房产网' Application.
--------------------------------------------------------------------------------A potentially dangerous Request.Form value was detected from the client (nr=" <html>").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (nr=" <html>").在线跪等答案~拜托了各位~
报错内容如下:
Server Error in '/房产网' Application.
--------------------------------------------------------------------------------A potentially dangerous Request.Form value was detected from the client (nr=" <html>").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (nr=" <html>").在线跪等答案~拜托了各位~
或者 webconfig
<pages validateRequest="false"></pages>
或者 webconfig
<pages validateRequest="false"></pages>
我用的是HtmlEncode啊,这样neirong=Server.HtmlEncode(nr.Text);但还是没用~内容里有<html>标签的话还是出错!!!
在你用到这个方法之前,已经出错了