YAFLogo

dcb1101
  • dcb1101
  • 55% (Neutral)
  • YAF Camper Topic Starter
12 years ago
I'm getting the following error when ever I try to save changes in the Admin or Host settings....

Server Error in '/rs' Application.

A potentially dangerous Request.Form value was detected from the client (ctl00$cphBody$forum$ctl03$IPLocatorUrlPath="...city/?key=&ip={0...").

http://go.microsoft.com/fwlink/?LinkId=153133 .

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (ctl00$cphBody$forum$ctl03$IPLocatorUrlPath="...city/?key=&ip={0...").

Source Error:

[No relevant source lines]

Source File: c:\windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\rs\c41bcf8e\7b89ffc0\App_Web_spypj23u.4.cs Line: 0

Stack Trace:

[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (ctl00$cphBody$forum$ctl03$IPLocatorUrlPath="...city/?key=&ip={0...").]

System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) +8862660

System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, RequestValidationSource requestCollection) +122

System.Web.HttpRequest.get_Form() +150

System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull) +114

System.Web.UI.Page.DeterminePostBackMode() +69

System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +8431

System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +253

System.Web.UI.Page.ProcessRequest() +78

System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +21

System.Web.UI.Page.ProcessRequest(HttpContext context) +49

ASP.forum_default_aspx.ProcessRequest(HttpContext context) in c:\windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\rs\c41bcf8e\7b89ffc0\App_Web_spypj23u.4.cs:0

System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +100

System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75

Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.272

Renewed Strength 

Christian Forum 

View All Posts by User
Sponsor
tha_watcha
  • tha_watcha
  • 100% (Exalted)
  • YAF.NET Project Lead 🤴 YAF Version: 4.0.1 BETA
12 years ago
Did you read the error description?

Set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0", in the web.config. Example: .

View All Posts by User
dcb1101
  • dcb1101
  • 55% (Neutral)
  • YAF Camper Topic Starter
12 years ago
Yes I did and my

I know I can turn off page validation to get around this error, however I don't want to open up the security vulnerability. I would much rather find out why it is throwing this error and fix the actual problem.

Thank you

Renewed Strength 

Christian Forum 

View All Posts by User
tha_watcha
  • tha_watcha
  • 100% (Exalted)
  • YAF.NET Project Lead 🤴 YAF Version: 4.0.1 BETA
12 years ago
The host settings contains several settings which contains input like the yaf tags on the user box avatar template settings.

You can safely turn off the page validation because the input on all pages is checked everywhere and encoded whith a better protection then the page valdidation provides.

View All Posts by User
+1
bbobb
  • bbobb
  • 100% (Exalted)
  • YAF Developer
12 years ago

I know I can turn off page validation to get around this error, however I don't want to open up the security vulnerability. I would much rather find out why it is throwing this error and fix the actual problem.

Originally Posted by: dcb1101 

By default, .Net 4.0 rejects all requests with <>*%&:\? characters.

And this is all. YAF stores data "as-is" and protects them while displaying as was written above.

View All Posts by User
+1
Similar Topics
Users browsing this topic