Click here to Skip to main content
15,867,308 members
Articles / Web Development / ASP.NET
Tip/Trick

Try catch block around "A potentially dangerous Request.Form"

Rate me:
Please Sign up or sign in to vote.
5.00/5 (7 votes)
6 Nov 2011CPOL 36K   6   9
Try catch block around "A potentially dangerous Request.Form"
Sometimes, the user enters HTML tags or malicious characters in text fields. By default, ASP.NET blocks those characters and shows the following error:

A potentially dangerous Request.Form value was detected from the client (aa="<te>").


If we want to show a user friendly message on the raise of this exception, then we have to catch that particular type of exception. But the question is, from where we can catch that exception where we place our try catch block to catch this type of exception. I have seen lot of solutions which are mostly using global.asax where they handle this exception on Application_Error. But what if we want to catch this type of error on Page. Here is the solution:

C#
protected override System.Collections.Specialized.NameValueCollection DeterminePostBackMode()
    {
       try
        {
            return base.DeterminePostBackMode();
        }
        catch(HttpRequestValidationException ex) {
           
//            do the handling here
            
        }
return null;
    }

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Technical Writer
United States United States
<Profile>
<Profession>
I am a Software Engineer from Karachi Pakistan, Being a programmer obviously I love to code but I love to code that adds something new in my knowledge else I do copy paste usually Smile | :)
</Profession>
<Education>
Have done Master and Bachelors of Computer Science from Karachi University Pakistan
</Education>
<Interests>
Anything I found interesting technically or non-technically so nothing specific Wink | ;)
</Interests>
</Profile>

Comments and Discussions

 
QuestionNot working for me Pin
Eitan.Aviran6-Sep-12 2:11
Eitan.Aviran6-Sep-12 2:11 
GeneralHave you tested this with ASP.NET 4.0? Request validation no... Pin
Richard Deeming8-Nov-11 7:56
mveRichard Deeming8-Nov-11 7:56 
GeneralRe: I havn't tested it on .Net 4.0 but it seems pretty logical t... Pin
M I developer8-Nov-11 20:19
professionalM I developer8-Nov-11 20:19 
GeneralThanks, buddy! Vote of 5! Pin
Carsten V2.07-Nov-11 19:20
Carsten V2.07-Nov-11 19:20 
GeneralRe: Thanx Pin
M I developer8-Nov-11 20:11
professionalM I developer8-Nov-11 20:11 
GeneralOr you could turn validation off and do your own validation ... Pin
Henry.Ayoola3-Nov-11 4:15
Henry.Ayoola3-Nov-11 4:15 
GeneralRe: but in that case you have to check every input for malicious... Pin
M I developer3-Nov-11 19:11
professionalM I developer3-Nov-11 19:11 
GeneralReason for my vote of 5 Been looking for this, thanks! Pin
jim lahey3-Nov-11 3:24
jim lahey3-Nov-11 3:24 
GeneralRe: Thanx Pin
M I developer8-Nov-11 20:21
professionalM I developer8-Nov-11 20:21 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.