Showing custom error message on exception: A potentially dangerous Request.Form value was detected from the client

c# asp.net sql-injection validation login-control
17,158

Here are a few examples of how to provide a friendlier error msg:

http://romsteady.blogspot.com/2007/06/how-to-catch-httprequestvalidationexcep.html

How to catch HttpRequestValidationException in production

The thing you need to keep in mind is that this exception is thrown before you page code happens. So you normally cannot catch the error in your page code, but only in Application_Error.

I have not tried this myself, but this site gives a alternative way to allow your page code to execute, but still protect yourself from malicious input using the built in logic, as well as catching the exception within your own code.

Share:
17,158

Related videos on Youtube

Aishwarya Shiva
Author by

Aishwarya Shiva

With over 10 years of experience providing thorough and skillful advice in software development, digital marketing, PC troubleshooting and other tech related issues to both individuals and businesses. Use this VIP link and give me a call for free .NET, C#, ASP.NET, MVC, JAVA, PHP, WCF, WPF etc. consultation: https://clarity.fm/aishwaryashiva/early638

Updated on September 21, 2022

Comments

  • Aishwarya Shiva
    Aishwarya Shiva over 1 year

    I am using Login Control of ASP.NET in my web application. I want to show a funny type of error on a label when this exception occures System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client it occurs when a user try to do sql injection attack or some HTML or SCRIPT operations by entering them in Username text field of Login control. I tried many things such as enclosing the authentication login in try catch block and catching the System.Web.HttpRequestValidationException exception also doing same for an event created by me as same as onTextChange for Username TextBox. But all these tries failed. Please tell me how to check for this exception and display a nice funny message to the attacker?

    • MethodMan
      MethodMan almost 12 years
      Can you please past an example of what the code looks like in regards to what you are trying to accomplish..?? thanks
    • Iain Galloway
      Iain Galloway almost 9 years
      If you're using IIS7+ there's a simpler solution here:- stackoverflow.com/questions/30071341/…

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

ASP.NET Validation not working
asp.net requiredfieldvalidator dont work when visible=false
Basic Regular Expression for a 'generic' phone number
Best way to validate currency input?
Checking if a page IsValid even when CausesValidation is false
How to implement BaseValidator and IValidator in custom control - ASP.Net
Validation on a button click using RequiredFieldValidator
Invalid postback or callback argument.Event validation is enabled using
Set focus to text box from code behind after validation the inputs in asp.net web application
Custom Validator firing but it does not update the ValidationSummary