Reputation: 409
How to disable request validation in ASP.NET MVC, IIS Express
.Net Framework 4.5.2, Visual Studio 2015, IIS Express
I want to send requests like http://localhost:49974/xxx/xml/<a><b></b></a> to my application. This results in a server error and the message: A potentially dangerous Request.Path value was detected from the client (="/xxx/xml/<a><b></b></a>").
Following the instructions from MSDN I have set requestValidationMode="2.0":
<system.web>
<httpRuntime requestValidationMode="2.0" targetFramework="4.5.2" />
</system.web>
And and added [ValidateInput(false)] to cotrtoller's action:
[ValidateInput(false)]
public ActionResult Xml()
{
return View("../Home/Index");
}
However I still get exactly the same error on the request presented above.
Upvotes: 0
Views: 1382
Answers (1)
Reputation: 2585
If you are able to convert the acionmethod to use a model for receiving the data, you can specify the [AllowHtml] Attribute on the modelproperty.
This also ensures that the validation is only skipped for this specific property.
ActionMethod:
public ActionResult Xml(XmlModel vm)
{
return View("../Home/Index");
}
Model
public class XmlModel
{
[AllowHtml]
public string xml { get; set; }
}
your url would look like http://localhost:49974/xxx/xml/?xml={your xml string}
Upvotes: 2
Related Questions
- How do I turn off request validation in MVC3?
- I can't turn off Request Validation for an ASP.NET MVC Controller
- Switch off request validation in the view
- Request validation turned off doesn't work on MVC pages
- why I cant disable request validation?
- How do I turn off request validation in MVC2?
- How to disable application request validation in asp.net
- How to disable validation in a HttpPost action in ASP.NET MVC 3?
- How can you turn off request validation in IIS Express?
- How to disable request validation in ASP.NET MVC running at IIS6?