asp.net-mvcckeditorckfinder

A potentially dangerous Request.Form value was detected from the client


I am using CKEditor/CKFinder as wysiwyg editor on my MVC.NET site.

I have set [ValidateInput(false)] and it works when debugging it locally, but I receive the following error when I have published the site:

A potentially dangerous Request.Form value was detected from the client (message="<p>
<em>Testing</e...").

can anyone explain why the published site is different from the locally site, especially when I have set [ValidateInput(false)]?

*Update:*I am using .Net 3.5 so shouldn't [ValidateInput(false)] work out the box?


Solution

  • Add this to your web.config:

    <httpRuntime requestValidationMode="2.0" />