I was following the article of adding rich text editor as explained here (How to use Rich text editor (CKEditor) in MVC), but when I am submitting CKEditor data to the controller, I am getting this error
A potentially dangerous Request.Form value was detected from the client
How can I solve It? And why I got this error?
Thank you
"A potentially dangerous request.form value was detected...."This error occurs in ASP.NET MVC web-application, when you are trying to submit a form which has input textbox or textarea with HTML contents in it.
This behaviour of application is by default as ASP.NET implements a validation check on all input so that our web application has a basic protection from XSS attacks.
If you want to submit form data with HTML contents, here are the ways to resolve this issue:
[AllowHtml]
public string Description { get; set; }?
[HttpPost]
[ValidateInput(false)]
public ActionResult SaveDataWithHTML(ClassName cn) {
//save data here
}?
it will disable the validation by ASP.Net MVC only for the above particular Action method, it can be useful when you have multiple Model attributes which allows HTML content.
<configuration>
<system.web>
<pages validateRequest="false" />
</system.web>
</configuration>?
In .NET 4.0, you would have to change one more property.
<system.web>
<pages validateRequest="false" />
<httpRuntime requestValidationMode="2.0"/>
</system.web>
Note: pages validateRequest="false"
opens your web page to Cross Site Injection (XSS) attacks. Use Server.HtmlEncode or some AntiXSS libarary functions in your C# code to prevent any XSS attack.
Any of the above solution should help you, to get rid of the error, also, I have seen the above mentioned article also, they have already asked to disable validate request to submit form data with CKEditor using the 2nd method which I have told you above.
Subscribe to our weekly Newsletter & Keep getting latest article/questions in your inbox weekly