Question : A potentially dangerous Request.Form value was detected from the client ...

I am having the most difficult time handling instance where a user may copy/paste the following into an asp textbox: ‘ ’ or the hundreds of other special windows characters conversion. I have tried using replace and the HtmlEncode but neither seem to work via code-behind.

I have tried the following:
objCmd.Parameters.Add(new SqlParameter("@myFromText", HttpUtility.HtmlEncode(myFromText.Text)));

-- or --

string testInput = myFromText.Text;
testInput = Regex.Replace(testInput, "‚", "*");
myFromText.Text = testInput;

objCmd.Parameters.Add(new SqlParameter("@myFromText", HttpUtility.HtmlEncode(myFromText.Text)));

I keep getting the "A potentially dangerous Request.Form value was detected from the client ..." error message. Any suggestion, that “doesn’t” include setting ValidateRequest="false"?

Answer : A potentially dangerous Request.Form value was detected from the client ...

Try this:

1:
2:
3:
4:
5:
6:
7:



function ascii_only(str) {
    return str.replace(/[^\x20-\x7E]/g, ''); // ASCII chars " " thru "~"
}
//
// And then
//
var my_new_string = ascii_only(my_string);

Question : A potentially dangerous Request.Form value was detected from the client ...

Answer : A potentially dangerous Request.Form value was detected from the client ...

Try this: 1: 2: 3: 4: 5: 6: 7: function ascii_only(str) { return str.replace(/[^\x20-\x7E]/g, ''); // ASCII chars " " thru "~" } // // And then // var my_new_string = ascii_only(my_string);

Try this:

1: 2: 3: 4: 5: 6: 7:

function ascii_only(str) { return str.replace(/[^\x20-\x7E]/g, ''); // ASCII chars " " thru "~" } // // And then // var my_new_string = ascii_only(my_string);