潜在危险的请求.从客户端检测到表单值(
本文关键字:检测 表单 客户端 危险 请求 | 更新日期: 2024-10-22 00:19:02
可能重复:
潜在危险的请求。从客户端检测到表单值
我收到错误消息:
A potentially dangerous Request.Form value was detected from the client
(ctl00$MainContent$textboxError=...
在我运行asp.net(C#)web应用程序之后。我该怎么修?
这是我的密码。
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Net;
using System.Text.RegularExpressions;
namespace SMS
{
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
textboxRecipient.Width = 400;
textboxMessage.Width = 450;
textboxMessage.Rows = 10;
textboxError.Width = 400;
textboxError.Rows = 5;
textboxError.ForeColor = System.Drawing.Color.Red;
textboxError.Visible = false;
textboxError.Text = "";
if (!Page.IsPostBack)
{
textboxRecipient.Text = "+85593840396";
textboxMessage.Text = "Hello World!";
}
}
protected void buttonSendOnClick(object sender, EventArgs e)
{
if (textboxRecipient.Text == "")
{
textboxError.Text += "Recipient(s) field must not be empty!'n";
textboxError.Visible = true;
return;
}
string ozSURL = "http://127.0.0.1"; //where Ozeki NG SMS Gateway is running
string ozSPort = "9501"; //port number where Ozeki NG SMS Gateway is listening
string ozUser = HttpUtility.UrlEncode("tenh"); //username for successful login
string ozPassw = HttpUtility.UrlEncode("tenh123"); //user's password
string ozMessageType = "SMS:TEXT"; //type of message
string ozRecipients = HttpUtility.UrlEncode(textboxRecipient.Text);
string ozMessageData = HttpUtility.UrlEncode(textboxMessage.Text);
string createdURL = ozSURL + ":" + ozSPort + "/httpapi" +
"?action=sendMessage" +
"&username=" + ozUser +
"&password=" + ozPassw +
"&messageType=" + ozMessageType +
"&recipient=" + ozRecipients +
"&messageData=" + ozMessageData;
try
{
HttpWebRequest myReq = (HttpWebRequest)WebRequest.Create(createdURL);
HttpWebResponse myResp = (HttpWebResponse)myReq.GetResponse();
System.IO.StreamReader respStreamReader=new
System.IO.StreamReader(myResp.GetResponseStream());
string responseString = respStreamReader.ReadToEnd();
respStreamReader.Close();
myResp.Close();
//inform the user
textboxError.Text = responseString;
textboxError.Visible = true;
}
catch (Exception)
{
textboxError.Text = "Ozeki NG SMS Gateway Server is not running!";
textboxError.Visible = true;
}
}
}
}
我已经在web.config中添加了以下代码:
validateRequest="false" and requestValidationMode="2.0"
不知道validateRequest="false"不工作的原因错误原因:因为您从包含Html标记的网页中获取数据,而textbox文本属性不允许为其分配Html字符串,所以您必须使用一种将Html标记转换为等效代码的方法。使用HTML。将responseString分配给textboxError.Text时的编码方法。此方法将潜在的不安全字符转换为HTML编码的等效字符。
textboxError.Text = Server.HTMLEncode(responseString);