About/Contact

Steve Trefethen

Steve Trefethen is a Director of Engineering at Reply. Contact me

View my LinkedIn profile


Powered by discountASP.NET
referal ID: sdtref
Why recommend discountASP.NET?
$720 in referrals so far!


Calendar

<<  February 2012  >>
MoTuWeThFrSaSu
303112345
6789101112
13141516171819
20212223242526
2728291234
567891011

View posts in large calendar

Disclaimer

The posts on this weblog are provided AS IS with no warranties, and confer no rights. The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.



Blog comment attacks blocked by ASP.NET's ValidateRequest feature

December 25 2006 6:08AM
For several days now the logs for my blog are showing the ASP.NET error message "A potentially dangerous Request.Form value was detected from the client" which is ASP.NET's way of preventing potentially harmful postbacks that are coming from the comment form used here on my blog. This is probably one of those features that people love to hate but in this case I think it's quite effective. For more information see ValidateRequest.

FacebookDel.icio.usDigg It!

Tags: ,

Permalink | Comments (1)

Comments (1) -

12/26/2006 2:19:40 AM #

Of course, if you just cook all lesser and greater than signs into their ampersand equivalents, then there is zero problem and the system works as expected for everyone EXCEPT those trying to exploit the system.  Which is, if I recall correctly, a option in asp.net, but I forget exactly where.

C Johnson

Add comment




  Country flag
biuquote
  • Comment
  • Preview
Loading