Preventing JavaScript Injection Attackshttp://asp.netSun, 23 Jan 2011 05:06:19 GMTumbracoComments for Preventing JavaScript Injection AttacksenComment Posted by dangerouschotuhttp://asp.net/mvc/tutorials/older-versions/security/preventing-javascript-injection-attacks-csMon, 12 Jul 2010 11:31:16 GMT00000000-0000-0000-000000009420I want to submit data in the database but i am unable to insert it shows me the error "A potentially dangerous Request.Form value was detected from the client"

i already changed ValidateRequest="false".

help me

]]>Comment Posted by vesthttp://asp.net/mvc/tutorials/older-versions/security/preventing-javascript-injection-attacks-csSun, 23 Jan 2011 05:03:09 GMT00000000-0000-0000-0000000011719dangerouschotu : it is possible that you need to disable the validation in web.config file, or using some attribute (I forgot its exact name) before the controller's action.

]]>Comment Posted by vesthttp://asp.net/mvc/tutorials/older-versions/security/preventing-javascript-injection-attacks-csSun, 23 Jan 2011 05:06:19 GMT00000000-0000-0000-0000000011720By the way, you can try to parse user input and cut of <script> blocks.

For example, if your web site allows to use HTML tags to emphasize user input, and you wish to use <b> tags (for example).

]]>