2

Does anybody know why I am unable to turn request validation off. I currently have an ASP.NET MVC application that has been set up with Sitecore 8.1.

I have created an action method on a controller that I am using to import some data into the sitecore database (specifics out of scope for this question).

One of the fields I'm sending up contains HTML markup so I'm getting the following error message:

A potentially dangerous Request.Form value was detected from the client (mainContent="<p>Learning and Deve...")

For some unknown reason I can't turn this feature off.

I have tried the following:

  1. Added AllowHtml to specific property of my Model.
  2. Added pages element to web config with validateRequest="false"
  3. Ensured httpRuntime element attribute requestValidationMode="2.0" is set
  4. Yes I have confirmed the correct action method is being hit. If I remove the HTML markup from the POST then is succeeds.
  5. I have added [ValidateInput(false)] to the Controller Action method.

A can't think where else to look. Any ideas anyone? Sorry I know this question has been posted before but I have tried everything.

Yan Sklyarenko
  • 31,557
  • 24
  • 104
  • 139
Tom Miller
  • 431
  • 1
  • 5
  • 16
  • 3
    This issue is even described in Sitecore's knowledge base: https://kb.sitecore.net/articles/031258 – so the steps you have applied seem correct to me. I would suggest to try to recreate this on a clean instance of Sitecore just to eliminate any external factors. – Dmytro Shevchenko Jul 06 '16 at 08:16
  • 1
    @DmytroShevchenko Thanks for your response :) Turns out I had't added the requestValidationMode="2.0". I must be going mad. – Tom Miller Jul 06 '16 at 08:51
  • Well, at least the issue is now solved :) – Dmytro Shevchenko Jul 06 '16 at 08:55

0 Answers0