Everytime when I open a Website Project/Web, Project in Visual Studio 2010 and try to run in Debug/non debug mode (F5/F11) I get this error error:
"A potentially dangerous Request.Cookies value was detected from the client " .
I had installed VS 2010 SP1 a months ago, I'm not sure if it's related to this.
It happens to newly created project and existing projects. So I can't run any project.
I set the validaterequest in page and in web.config as most of the google search results sites suggested but I can't pass through this error.
Does someone know what the problem is and how to solve this problem?
SET in PAGE:
<%# Page validateRequest="false" %>
SET in WEB.CONFIG:
<system.web>
<pages validateRequest="false" />
</system.web> </br>
< /configuration>
Server Error in '/WebApp' Application.
A potentially dangerous Request.Cookies value was detected from the client (DNNPersonalization=". After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Cookies value was detected from the client (DNNPersonalization="
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Cookies value was detected from the client (DNNPersonalization="
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.225
Use
<system.web>
<httpRuntime requestValidationMode="2.0" />
</system.web>
In your web.config
You get this error when ASP.NET blocks pages from sending html tags in GET/POST arguments and cookies to prevent script injection attacks. You can either:
encode arguments/not send any html tags
disable request validation
You can disable request validation for the whole site by adding to Web.config:
<configuration>
<system.web>
<httpRuntime requestValidationMode="2.0" />
<pages validateRequest="false" />
</system.web>
</configuration>
To disable for a single page, add to Web.config:
<configuration>
<system.web>
<httpRuntime requestValidationMode="2.0" />
</system.web>
</configuration>
and add to the .aspx page:
<%# Page validateRequest="false" %>
More Info: http://www.asp.net/learn/whitepapers/request-validation
I had the same issue in MVC, while I was running the site under localhost.
Simply delete the cookies.
Related
I am deploying a .Net solution to Azure and am getting the above error when I try to run the page.
I read that System.Web has to be stripped down to this. And that's what I did.
<compilation debug="true" targetFramework="4.7.2" />
<httpRuntime targetFramework="4.7.2" />
The solution works locally. Application Insights does not note any errors. Is there an error log somewhere? I have no idea what error this could be. It could be anything.
(I don't have 50 rep so I can't comment, so I have to post as an answer.)
Enable diagnostics logging and report back with the logs. Should shed some light on the problem.
Try setting custom errors to off in your web.config.
<system.web>
<customErrors mode="Off">
</customErrors>
</system.web>
Reference: customErrors Element (ASP.NET Settings Schema)
Don't forget to turn it back on when you have fixed the issue.
I am hosting my apllications. They are running under .net version 4.0. Everything is working fine. But lately, i am getting error list "Potentially Dangerous request ...". I searched on the internet and found out have i have to set my web.config like this.
<system.web>
<httpRuntime requestValidationMode="2.0" />
<pages validateRequest="false" />
</system.web>
It it is use then the problem is solved. and my question is how to solve the error without using page validate request set false.
is other way able to solve the problem???
I am trying to access a aspx page from an IIS server. The page contains a registration form. The browser is opening the page, but when I am trying to enter values into the field and want to save it, it displays this error:
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
What is the problem, and how do i fix it?
It seems that while saving some error is occuring and you are not getting that exact error.
So you have two options add below code.
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
or Use try catch in your save function and in the catch block put code to write enitire exception as string in a text file and then in text file you will have exact error.
But I would suggest first option.
I would like some help in relation to internal error 500 All my application works perfectly on the local server . When I upload via ftp . Web application works by entering a PartialView . Error it gives is " Internal Error 500 " . Does the web server does not support the MVC5 FrameWork 4.5 ?
The error
Internal Error 500
is a generic error message which indicates that the application is having serious problems. The message is generic so as to avoid giving away any sensitive information about the inner workings of your application. However, you can tell the application to provide a more detailed error message by ensuring that custom error pages are turned off: go to your web.config and make sure the mode attribute of the customErrors element is set of 'Off':
<configuration>
<system.web>
<customErrors mode="Off"></customErrors>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
</configuration>
Then try refreshing the application in your browser - it will give you more information that you can use to track down the problem.
For some reason I can't see any useful information about my errors even though I Changed the customerrors section of the web.config:
<customErrors mode="RemoteOnly">
</customErrors>
All I want to do is be able to see the normal yellow screen of death that shows what is going wrong.
Ever since I tried to upload this site on my local developer PC's IIS, the application has not shown error information.
Whenever I start debugging the application fails immediatly and says, "Server Error in '/' Application." and gives me a 404 http error and only displays the Version of the .net framework and asp.net version.
*UPDATE:
I'm Running this locally on my development pc.
Set the Mode to Off instead of remote only. MSDN explains the different modes here:
http://msdn.microsoft.com/en-us/library/h0hfz6fc.aspx
If you are in RemoteOnly then it will only show the error if you are running it locally.
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<customErrors mode="" defaultRedirect=""></customErrors>
</system.web>
</configuration>
If you want to set your application level exception should redirect to your custom error page, you can do this by going to global.asax file and write the code for redirection in Application_Error method.
For handling all the exception, you just need to write the code for redirection at catch section. Also you can set custom error page for http errors by passing status code.
<customErrors mode="RemoteOnly" defaultRedirect="~/ErrorPages/Oops.aspx">
<error statusCode="404" redirect="~/ErrorPages/404.aspx" />
</customErrors>
follow this link:https://stackify.com/web-config-customerrors-asp-net/