问题描述

我使用WIF的时候也越来越请求验证错误。我得到正确发送到STS，但在回来的路上，我得到这个验证错误。

我照着所有的说明。

 ＆LT;的httpRuntime requestValidationMode =2.0/＆GT;
 

检查！

  [ValidateInput（假）]
 

检查！

 ＆LT;页validateRequest =false的＆GT;
 

检查！

我试过一个定制的验证，但它永远不会被实例化。

错误堆栈：

  [Htt的prequestValidationException（0X80004005）：从客户端检测到有潜在危险的Request.Form值（wresult =信任：RequestSecuri ...）。]
   System.Web.Htt prequest.ValidateString（字符串值，字符串collectionKey，RequestValidationSource requestCollection）11396740
   System.Web.Htt prequest.ValidateNameValueCollection（NameValueCollection中雷士，RequestValidationSource requestCollection）+82
   System.Web.Htt prequest.get_Form（）+212
   Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.IsSignInResponse（HTT prequest要求）+26
   Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.CanReadSignInResponse（HTT prequest要求，布尔的onpage）+145
   Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest（对象发件人，EventArgs参数）+108
   System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute（）+ 80
   System.Web.HttpApplication.ExecuteStep（IExecutionStep一步，布尔和放大器; completedSynchronously）+270
 

有什么建议？

 ＆LT;的httpRuntime requestValidationMode =2.0/＆GT;
 

此插件后，

 ＆LT;结构＆gt;
    ＆LT;＆的System.Web GT;
        ＆LT;页validateRequest =假/＆GT;
    ＆LT; /system.web>
＆LT; /结构＆gt;
 

也MVC3有一个Allo​​wHtml属性

  [AllowHtml]
公共字符串属性{获得;组; }
 

下面是一些有用的链接

<一个href=\"http://jwwishart.word$p$pss.com/2009/06/22/asp-net-mvc-pages-validaterequestfalse-doesnt-work/\">ASP.NET MVC - 页validateRequest =虚假不工作

I am also getting a request validation error when using WIF. I get correctly sent to the STS, but on the way back, I get this validation error.

I followed all the instructions.

<httpRuntime  requestValidationMode="2.0" />

check!

    [ValidateInput(false)]

check!

<pages validateRequest="false" >

check!

I tried a custom validator, but it never gets instantiated.

Error stack:

[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (wresult="trust:RequestSecuri...").]
   System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) +11396740
   System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, RequestValidationSource requestCollection) +82
   System.Web.HttpRequest.get_Form() +212
   Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.IsSignInResponse(HttpRequest request) +26
   Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.CanReadSignInResponse(HttpRequest request, Boolean onPage) +145
   Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args) +108
   System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +80
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +270

Any suggestions?

<httpRuntime requestValidationMode="2.0"/>

after this add

<configuration>
    <system.web>
        <pages validateRequest="false" />
    </system.web>
</configuration>

also in mvc3 there is an AllowHtml attribute

[AllowHtml]
public string Property{ get; set; }

here are some useful links

ASP.NET MVC – pages validateRequest=false doesn’t work?

Why is ValidateInput(False) not working?

这篇关于从客户端检测到有潜在危险的Request.Form值（wresult =＆QUOT;＆LT;信任：RequestSecuri ...＆QUOT;）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！