'Remove' posting invalid characters

drettberg

When I perform a delete on an entry with an escaped character (e.g. apostrophe), it fails with a 'System error has occurred'. On the server side, I'm getting 'a potentially dangerous Request.Form value was detected'. It posts back with the escaped characters (&#39 for apostrophe) on a delete, but not on a new or edit. I've added the 'requestValidationMode="2.0" to the httpRuntime element in web.config, but that didn't resolve it.

Also, I'd really prefer to have the string saved to SQL without the escapes. Is that possible?

Thanks,
Dave

allan

Hi Dave,

Yes, you can save without escaped characters by displaying the default XSS protection. Documentation for that is available here.

Allan

drettberg

Thanks Allan.