Rahul
Reputation: 448
Cross-site scripting (XSS) patterns can be submitted
Cross-site scripting (XSS) patterns can be submitted.
[HttpPost]
[AllowAnonymous]
[ValidateInput(false)]
public async Task<string> Index(string Xml) => await Process(Xml);
If i remove ValidateInput(false) Tag it throws exception. "Potential Dangerous...."
Web.config setting as below
<httpRuntime targetFramework="4.6.1" requestValidationMode="2.0" />
The incoming request will always have XML string.
Is there any attribute or something which do not require to add validateInput(False) and allow XMl.
Please provide you input.
Thank you in advance.
Upvotes: 5
Views: 173
Answers (0)
Related Questions
- Preventing XSS (Cross-site Scripting)
- Cross-site scripting validation for VB.NET
- Preventing Javascript and XSS attacks
- ASP.NET MVC XSS Validation
- How to solve Reflected Cross-Site Scripting (XSS) Vulnerabilities in HTML/aspx site
- Fixings Cross Site Scripting (Reflected) in ASP.Net MVC
- Cross site scripting possibility?
- Cross-site scripting and ASP.NET
- HttpRequestValidationException and cross-site scripting XSS
- Protecting my self from cross-site scripting