Stack Overflow
Stack Overflow

Questions tagged [request-validation]

79 questions
4
votes
1 answer

Request Validation with ASP.Net MVC 5

In the past, I've been accustomed to being able to use request validation as a first line of defense for XSS. However, I don't seem to be able to get the validation to kick in.
ddango
  • 946
  • 1
  • 12
  • 25
4
votes
0 answers

Request Validation ASP.NET MVC

I've been searching all day and I'm pretty confused about preventing script from being submitted in my MVC application. Most of what I am finding is telling me how to disable request validation, which is not what I want. In the web.config in the…
killerbunnyattack
  • 274
  • 4
  • 14
3
votes
0 answers

AWS API Gateway Error - [429] Maximum number of Request Validators for this API has been reached

I am using AWS API Gateway request validation feature for my APIs. You can check more details in the documentation here. To deploy the API, I am using the serverless framework. Following is a snippet from the serverless.yml. resources: Resources: …
ShwetaJ
  • 462
  • 1
  • 8
  • 32
3
votes
1 answer

"A potentially dangerous Request.Path value was detected from the client (%)." but request seems to be fine

ASP.Net MVC 3.0, .NET 4.0, IIS 7 I know it has been asked a many times, but I still can't figure out what's wrong with it. I get these messages only occasionally (less than 1 a day), and I get about 4k visits daily. Here is a link to the error…
THX-1138
  • 21,316
  • 26
  • 96
  • 160
3
votes
1 answer

Use Swagger API validation with Serverless Framework

I want add an api validation to the serverless aws-nodes template and nothing I have tested until now has worked very well. My current approach is to overwrite the existing api-gateway, which is generated by the serverless framework, with a…
Oli Kuroh
  • 123
  • 2
  • 8
3
votes
1 answer

Get controller parameters in interceptor

I am creating a validation library and I would like to validate the request before the controller. It would be really nice that I can get the controller parameter that I want to validate in the interceptor. At the moment I can get all the info about…
Jan Wytze
  • 3,307
  • 5
  • 31
  • 51
3
votes
1 answer

How to add request validation errors to ModelStateDictionary in ASP.NET MVC?

Investigating the security of a system I'm building with ASP.NET MVC 2 led me to discover the request validation feature of ASP.NET - a very neat feature, indeed. But obviously I don't just want to present the users with the Yellow Screen of Death…
Morten Christiansen
  • 19,002
  • 22
  • 69
  • 94
2
votes
1 answer

How does StackExchange handle invalid characters in route URLs?

Scott Hanselman's post on using wacky chars in a Request URL, explains how IIS and ASP.Net security features can be circumvented to allow invalid characters to be passed on in a URL... but I am sure stack exchange is doing it different as his…
one.beat.consumer
  • 9,414
  • 11
  • 55
  • 98
2
votes
1 answer

Get detailed error message from AWS gateway validator in case of using multiple schemas for one endpoint

I'm using an openapi specification, which configures AWS gateway. I'm also using request validation. It works fine with informative error messages if I print out $context.error.validationErrorString in case of 4xx error messages. (In case of missing…
Lespaulka001
  • 89
  • 7
2
votes
2 answers

How to validate allowed fields in json body in go validation

I have a go struct which I'm using for my POST of an entity type Student struct { ID string `json:"id" firestore:"id"` Name string `json:"name" validate:"required" firestore:"name"` } From the POST body request I can…
Sid P Takeoff
  • 31
  • 5
2
votes
1 answer

Laravel Request Validation of an object

I would like to filter some data coming from an API payload in which i have to check if some certain part of the data is an object, such as this: "object"{ "propety":value, "another_propety":value, } I wanna be sure that the "object" that comes…
Luiz Wynne
  • 460
  • 3
  • 10
  • 28
2
votes
1 answer

ASP.NET MVC2 on .NET 4.0: is [ValidateInput(false)] enough?

Good day! I plan to upgrade my ASP.NET MVC 2 application to .NET 4.0, and have a couple of questions: Is having [ValidateInput(false)] on action enough to accept HTML, or I need to set as described here:…
artvolk
  • 9,448
  • 11
  • 56
  • 85
2
votes
1 answer

ASP.NET Request Validator allowed scripts

I have been working on ASP.NET Project My Request Validator is default true As a result dangerous script attacks are not allowed and ASP.NET throws me error Dangerous Requests which is very good. security But why my…
Parshuram Kalvikatte
  • 1,616
  • 4
  • 20
  • 40
2
votes
1 answer

How to unit test for turning off request validation?

I'm new at this TDD thing but making a serious effort, so I'm hoping to get some feedback here. I created a little web service to minify JavaScript, and everything was nice, with all my tests passing. Then I noticed a bug: if I tried to minify…
Domenic
  • 110,262
  • 41
  • 219
  • 271
2
votes
1 answer

Customized validation rule on laravel form request validation

I do have a registration form in my laravel 5.4 application and laravel form request validation is used for server side validation. Some fields in this form are populated dynamically using calculations in javascript which need to be validated…
iamab.in
  • 2,022
  • 3
  • 18
  • 39
1
2
3 4 5 6