ServiceDesk

 View Only

  • 1.  A potentially dangerous Request.Form value was detected from the client

    Posted Mar 12, 2014 01:30 PM

    When we copy and paste an email into the desription or comments of an incident we get the following error. "A potentially dangerous Request.Form value was detected from the client" but only when the email comes from a Mac, iPhone or iPad. We even copy and paste into notepad first to try and strip text formatting.



  • 2.  RE: A potentially dangerous Request.Form value was detected from the client

    Posted Mar 12, 2014 03:10 PM

    You can shut this down in the web.config of your published project. Easiest way is to set validateRequest=false

    See this article: http://stackoverflow.com/questions/9130186/a-potentially-dangerous-request-form-value-was-detected-from-the-client

    This is a built-in .NET security measure. Keep in mind that disabling this completely opens up the published project for possible injection type attacks.



  • 3.  RE: A potentially dangerous Request.Form value was detected from the client

    Posted Mar 12, 2014 04:20 PM

    I did see that on the web, however, when I go to the web.config of the published workflow I do not see validateRequest.



  • 4.  RE: A potentially dangerous Request.Form value was detected from the client
    Best Answer

    Posted Mar 13, 2014 06:50 AM

    If you don't see it you can just manually add it... it should be formed like this:

    <system.web>

    <pages validateRequest="false">

    ...

    </system.web>

    More than likely you'll just have to pump that <pages> tag between the system.web section. Also note it's a good idea to back up the web.config before modifying in case Things Go Wrong



  • 5.  RE: A potentially dangerous Request.Form value was detected from the client

    Posted Mar 17, 2014 09:55 AM

    reecardo,

    Thanks for the fix. This did work. I did need to write it as follows though.

    <pages validateRequest="false" />

    Thanks again.