Search This Blog

Thursday 26 May 2016

A potentially dangerous Request.Form value was detected from the client

A potentially dangerous Request.Form value was detected from the client
Server Error in '/' Application.

A potentially dangerous Request.Form value was detected from the client


If you are getting above error, you need to do following changes in web.config or Page directive or both.

Step 1:-

Under <system.web> section, put following line to disable request validation whole site / all pages.

<pages validateRequest="false">

Or

You can use following under Page directive to disable request validation page specific.

ValidateRequest="false"

<%@ Page Language="C#" ValidateRequest="false" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="Demo.Default" %>

Step 2:-

If still you are getting the same error, you may need to do a little more (In .NET 4).

Go to under <system.web> section, put following line.
<httpRuntime requestValidationMode="2.0"/>

Note:-

The request validation feature in ASP.NET provides a certain level of default protection against cross site scripting (XSS).
Advisable, always avoid it because there is huge securities issue based on application nature.


Posted by at No comments:
Labels:

GridView Sorting example in ASP.NET using C#

Step 1:- Default.aspx

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="Demo.Default" %>

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title>Sorting in Gridview</title>
</head>
<body>
    <form id="form1" runat="server">
        <div>
            <asp:GridView ID="GridView1" runat="server" CellPadding="4" ForeColor="#333333" GridLines="None" OnSorting="GridView1_Sorting" AllowSorting="True" AutoGenerateColumns="False">
                <AlternatingRowStyle BackColor="White" />
                <EditRowStyle BackColor="#7C6F57" />
                <FooterStyle BackColor="#1C5E55" Font-Bold="True" ForeColor="White" />
                <HeaderStyle BackColor="#1C5E55" Font-Bold="True" ForeColor="White" />
                <PagerStyle BackColor="#666666" ForeColor="White" HorizontalAlign="Center" />
                <RowStyle BackColor="#E3EAEB" />
                <SelectedRowStyle BackColor="#C5BBAF" Font-Bold="True" ForeColor="#333333" />
                <SortedAscendingCellStyle BackColor="#F8FAFA" />
                <SortedAscendingHeaderStyle BackColor="#246B61" />
                <SortedDescendingCellStyle BackColor="#D4DFE1" />
                <SortedDescendingHeaderStyle BackColor="#15524A" />
                <Columns>
                    <asp:BoundField DataField="RowNumber" HeaderText="RowNumber" SortExpression="RowNumber" />
                    <asp:BoundField DataField="Column1" HeaderText="Column1" SortExpression="Column1" />
                    <asp:BoundField DataField="Column2" HeaderText="Column2" SortExpression="Column2" />
                    <asp:BoundField DataField="Column3" HeaderText="Column3" SortExpression="Column3" />
                </Columns>
            </asp:GridView>
        </div>
        <div>
            <asp:Button ID="btnDownload" runat="server" Text="Download" OnClick="btnDownload_Click" />
        </div>
    </form>
</body>
</html>

Step 2:- Default.aspx.cs

using System;
using System.Collections.Generic;
using System.Data;
using System.IO;
using System.Linq;
using System.Text;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace Demo
{
    public partial class Default : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!Page.IsPostBack)
            {
                GridView1.DataSource = BindData();

                GridView1.DataBind();
            }
        }

        protected DataTable BindData()
        {
            DataTable dt = new DataTable();

            DataRow dr = null;

            dt.Columns.Add(new DataColumn("RowNumber"typeof(string)));

            dt.Columns.Add(new DataColumn("Column1"typeof(string)));

            dt.Columns.Add(new DataColumn("Column2"typeof(string)));

            dt.Columns.Add(new DataColumn("Column3"typeof(string)));

            int totalRow = 9;

            for (int i = 0; i < totalRow; i++)
            {
                dr = dt.NewRow();

                dr["RowNumber"] = i + 1;

                dr["Column1"] = "Row" + i;

                dr["Column2"] = "Row" + i;

                dr["Column3"] = "Row" + i;

                dt.Rows.Add(dr);
            }

            return dt;
        }

        protected void GridView1_Sorting(object sender, GridViewSortEventArgs e)
        {
            string sortDir = string.Empty;
            if (sortDirection.Equals(SortDirection.Ascending))
            {
                sortDirection = SortDirection.Descending;
                sortDir = "Desc";
            }
            else
            {
                sortDirection = SortDirection.Ascending;
                sortDir = "Asc";
            }

            DataView dataView = new DataView(BindData());
            dataView.Sort = e.SortExpression + " " + sortDir;

            GridView1.DataSource = dataView;
            GridView1.DataBind();

        }

        protected SortDirection sortDirection
        {
            get
            {
                if (ViewState["dirState"] == null)
                {
                    ViewState["dirState"] = SortDirection.Ascending;
                }
                return (SortDirection)ViewState["dirState"];
            }
            set
            {
                ViewState["dirState"] = value;
            }
        }
    }
}

Note:-

To sort the record click on gridview header.

Posted by at 3 comments:
Labels: , ,
Subscribe to: Posts (Atom)