Ò׽ؽØÍ¼Èí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

¹ØÓÚASP.NetµÄvalidateRequest=false£¨ÑéÖ¤ÇëÇó£©

ASP.NetµÄvalidateRequest=false
      validateRequest="false"   Ö¸ÊÇ·ñÒªIISÑéÖ¤Ò³ÃæÌá½»µÄ·Ç·¨×Ö·û£¬±ÈÈ磺>,<ºÅµÈ,µ±ÎÒÃÇÐèÒª½«Ò»¶¨¸ñʽµÃhtml´úÂë»ñµÃ£¬²åÈëÊý¾Ý¿âʱºò£¬¾ÍÒª½«Õâ¸öÊôÐÔÉèÖÃΪfalse,ÀýÈçÄ㽫×ÖÌå¼Ó´ÖµÈ²Ù×÷ʱ¡£
   
ASP.Net 1.1ºóÒýÈëÁ˶ÔÌá½»±íµ¥×Ô¶¯¼ì²éÊÇ·ñ´æÔÚXSS(¿çÕ¾½Å±¾¹¥»÷)µÄÄÜÁ¦¡£µ±Óû§ÊÔͼÓÃÖ®ÀàµÄÊäÈëÓ°ÏìÒ³Ãæ·µ»Ø½á¹ûµÄʱºò£¬ASP.NetµÄÒýÇæ»áÒý·¢Ò»¸ö HttpRequestValidationExceptioin¡£Ä¬ÈÏÇé¿öÏ»᷵»ØÈçÏÂÎÄ×ÖµÄÒ³Ãæ£º
ÒÔÏÂÊÇÒýÓÃÆ¬¶Î£º
Server Error in '/YourApplicationPath' Application
A potentially dangerous Request.Form value was detected from the client
(txtName="<b>").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (txtName="<b>").
....
¡¡¡¡ÕâÊÇASP.NetÌṩµÄÒ»¸öºÜÖØÒªµÄ°²È«ÌØÐÔ¡£ÒòΪºÜ¶à³ÌÐòÔ±¶Ô°²È«Ã»ÓиÅÄÉõÖÁ¶¼²»ÖªµÀXSSÕâÖÖ¹¥»÷µÄ´æÔÚ£¬ÖªµÀÖ÷¶¯È¥·À»¤µÄ¾Í¸üÉÙÁË¡£ASP.NetÔÚÕâÒ»µãÉÏ×öµ½Ä¬Èϰ²È«¡£ÕâÑùÈö԰²È«²»ÊǺÜÁ˽âµÄ³ÌÐòÔ±ÒÀ¾É¿ÉÒÔд³öÓÐÒ»¶¨°²È«·À»¤ÄÜÁ¦µÄÍøÕ¾¡£
¡¡¡¡µ«ÊÇ£¬µ±ÎÒGoogleËÑË÷ HttpRequestValidationException »òÕß "A potentially dangerous Request.Form value was detected from the client"µÄʱºò£¬¾ªÆæµÄ·¢Ïִ󲿷ÖÈ˸ø³öµÄ½â¾ö·½°¸¾¹È»ÊÇÔÚASP.NetÒ³ÃæÃèÊöÖÐͨ¹ýÉèÖà validateRequest=false À´½ûÓÃÕâ¸öÌØÐÔ£¬¶ø²»È¥¹ØÐÄÄǸö³ÌÐòÔ±µÄÍøÕ¾ÊÇ·ñÕæµÄ²»ÐèÒªÕâ¸öÌØÐÔ¡£¿´µÃÎÒÕâ½ÐÒ»¸öµ¨Õ½Ðľª¡£°²È«ÒâʶӦ¸Ãʱʱ¿Ì¿ÌÔÚÿһ¸ö³ÌÐòÔ±µÄÐÄÀ²»¹ÜÄã¶Ô°²È«µÄ¸ÅÄîÁ˽â¶àÉÙ£¬Ò»¸öÖ÷¶¯µÄÒâʶÔÚÄÔ×ÓÀÄãµÄÕ¾µã¾Í»á°²È«ºÜ¶à¡£
¡¡¡¡ÎªÊ²Ã´ºÜ¶à³ÌÐòÔ±ÏëÒª½ûÖ¹


Ïà¹ØÎĵµ£º

asp.net mvc ajax Íⲿjs Òì²½µÝ½» formµÄʵÏÖ

Ò³ÃæÎļþÀàËÆ£º
<% using (Ajax.BeginForm("AjaxUpdate", 123, new AjaxOptions {
Confirm = "confirm str", LoadingElementId = "idLoading", UpdateTargetId
= "textEntered", OnSuccess = "validateForm" },new{id="idMyForm"}))
  &nbs ......

Asp.NetÐÔÄÜÓÅ»¯

(Ò»).Ñ¡Ôñ»á»°×´Ì¬´æ´¢·½Ê½
    ÔÚWebconfigÎļþÅäÖÃ:
    <sessionState mode="???" stateConnectionString="tcpip=127.0.0.1:42424"
         sqlConnectionString="data source=127.0.0.1;Trusted_Connection=y ......

asp.net DropDownList ÏîÄ¿¶¯Ì¬Ìí¼Ó


Dotjum 這邊Òª½é紹Ò²ÊÇÒ»個ºÜ經µäµÄ ASP.NET ÀÏ問題£¬¾ÍÊÇÔõ麼ÒªÔÚÏÂÀ­選項ÖУ¬Ò»開ʼ DataBind() 資ÁÏ繫結時£¬
¾ÍÏȳö現預設選項 請選擇£¬Æä實×ö這個· ......

ASP.NET MVC¸ÅÀÀ£¨C#£©

Model-View-Controller (MVC) ¼Ü¹¹Ä£Ê½½«Ò»¸öÓ¦ÓóÌÐò·ÖΪÈý¸ö×é³É²¿·Ö:Ä£ÐÍ£¬ÊÓͼÓë¿ØÖÆÆ÷¡£ASP.NET MVC¿ò¼ÜΪ´´½¨»ùÓÚMVCµÄWebÓ¦ÓóÌÐòÌṩÁËÒ»ÖÖÌæ´ú·½°¸¡£ASP.NET MVC¿ò¼ÜÊÇÒ»¸öÇáÁ¿¼¶µÄ£¬¿É¸ß¶È²âÊÔµÄչʾ¿ò¼Ü£¨»ùÓÚWeb´°ÌåµÄÓ¦ÓóÌÐò£©£¬Ëü¼Ì³ÐÁËÏÖÓеÄASP.NETÌØÐÔ£¬±ÈÈçĸ°æÒ³ºÍ³ÉÔ±×ʸñȨÏÞ¡£ MVC¿ò¼Ü¶¨Ò ......

ÔÚASP.Net 2.0ÖÐʵÏÖ¶àÓïÑÔ½çÃæµÄ·½·¨

¡¡1£® ¸úÒÔǰһÑù×ö½çÃæ£¬Ö»ÊÇ×¢Ò⣬°ÑËùÓÐÐèÒªÓжàÓïÑÔ½çÃæµÄÎÄ×Ö¶¼ÓÃlabelÀ´×ö
¡¡¡¡2£® ×öÍêÒÔºó£¬ÔÚSolution ExplorerÀïÑ¡ÖÐÕâ¸öÎļþ£¬Ñ¡Tools-£¾Generate Local Resource
¡¡¡¡3£® Äã»á·¢ÏÖÉú³ÉÁËÒ»¸öĿ¼£¬App_LocalResources£»Õâ¸öĿ¼Àï¶àÁËÒ»¸öresxµÄÎļþ¡£±ÈÈçÄãµÄaspxÎļþÊÇdefault.aspx£¬Ëü¾Í»áÉú³ÉÒ»¸ö½Ð×öde ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØÍ¼ | ¸ÓICP±¸09004571ºÅ