When creating new articles within InstantKB or posting new topics within InstantForum you may receive the following error message.
"A potentially dangerous Request.Form value was detected from the client".
This is a standard ASP.NET security feature called request validation. You can read more on this here…
Whilst we do already set request validation to false by default within both the InstantForum & InstantKB web.config it could be you encounter this error if you've modified the web.config via IIS or you are using an alternative web.config.
You need to disable requestValidation from within the web.config file. We provide our own protection for all user input against XSS or SQL injection attacks.
Please ensure the validateRequest attribute is present within your <pages/> element and is set to false…
<pages validateRequest="false" />
If your using InstantKB under .NET 4.0 you will need to add the below attribute to your web.config. InstantFrum 2013 contains this attribute by default so does not require any changes,.
For ASP.NET 4.0 installations you'll need ensure the <httpRuntime> element contains the attribute shown below...
<httpRuntime requestValidationMode="2.0" />
See this whitepaper for more information.
I hope this information helps. As always if you have any questions please don't hesitate to contact us.
Optionally provide private feedback to help us improve this article...
Thank you for your feedback!