I try to prompt "Unknown error" message to user rather than " A potentially dangerous Request.Form value was detected from the client" on page where user put script tags in textbox or textarea. I have tried clientScript or scriptmanager to prompt error message to page but it does not work out. please suggest any method for show error message on page to UI side. I have tried this code as follows:
void Application_Error(object sender, EventArgs e) {
Exception exc = Server.GetLastError();
if (object.ReferenceEquals(exc.GetType(), typeof(HttpRequestValidationException)))
{
if (((System.Web.HttpRequestValidationException)exc).Message.Contains("A potentially dangerous Request.Form value was detected from the client"))
{
if (HttpContext.Current != null)
{
var url = HttpContext.Current.Request.Url;
//var page = HttpContext.Current.Handler as System.Web.UI.Page;
Page page = HttpContext.Current.CurrentHandler as Page;
if (page is Page)
{
// page.ClientScript.RegisterStartupScript(GetType(), "Error","<script>alert('Unknown error')</script>");
Response.Redirect(url.ToString());
}
}
}
}
}
I also read setting for XSS as A potentially dangerous Request.Form value was detected from the client thanks for advance. please help
