Monday, March 1, 2010

A potentially dangerous Request.Form value was detected from the client ASP.NET

I got this error message when I try to submit a form with HTML Code, the default settings of the .NET Framework will not allow me to submit HTML Code to prevent cross-site scripting (XSS) attacks.

To avoid this error set Validate Request to false in the Page Directive.