A potentially dangerous Request.Form value was detected from the client

The error “A potentially dangerous Request.Form value was detected from the client”

Why am I getting this error? It happens only when you try to post HTML without encoding it: .NET provides security by validating all input when you submit your form.

How can we overcome this problem? I am going to discuss how we can prevent it. I found three ways to do this:

  1. Disabling the ValidateInput for Action
  2. Allow HTML attribute in property
  3. Encode the HTML before submit form

Disabling the ValidateInput for Action

If you don’t want to use the .NET functionality that validates the request for all properties, you can decide for yourself how the benefits of request validation weigh against its danger. It is up to you: if you don’t want it, you can simply disable this functionality. Here is how we can do this:

// Request validation is skipped for every value posted to this action.
[HttpPost, ValidateInput(false)]
public ActionResult ViewName()
{
    return View();
}

With ValidateInput disabled, you will no longer receive this error message, because the system no longer validates the inputs for this particular action.

Allow HTML attribute in property

In my opinion we should use this approach, because we only need to apply one attribute to the property that takes HTML as input. Instead of disabling ValidateInput for all properties, we tell the system that this one field will be used for HTML input. Here is how we can do this:

[AllowHtml]
public string EmailTemplate { get; set; }

This is the best approach to overcome this problem.

Encode the HTML before submit form

Here is one more way to overcome this problem, but I don’t recommend using it. We can encode the HTML with the help of the HttpUtility.HtmlEncode() function.

So these are three ways to overcome this problem. I hope you will like this.
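The following is an added example, not code from the original post. It shows the [AllowHtml] approach scoped to a single property while the rest of the model stays request-validated, with HttpUtility.HtmlEncode() applied when the accepted HTML is written back to the browser. The names TemplateModel, TemplateController, Subject and Preview are hypothetical.

```csharp
using System.Web;
using System.Web.Mvc;

// Hypothetical model: only EmailTemplate opts out of request validation.
public class TemplateModel
{
    // Still request-validated: posting markup here raises the
    // "potentially dangerous Request.Form value" error as before.
    public string Subject { get; set; }

    // Raw HTML is accepted for this one property only.
    [AllowHtml]
    public string EmailTemplate { get; set; }
}

// Hypothetical controller.
public class TemplateController : Controller
{
    [HttpPost]
    public ActionResult Preview(TemplateModel model)
    {
        if (!ModelState.IsValid)
        {
            return View(model);
        }

        // EmailTemplate bypassed request validation, so it is untrusted markup.
        // Encode it when writing it back: <script> becomes &lt;script&gt; and
        // is displayed as text instead of being interpreted by the browser.
        string safeSubject = HttpUtility.HtmlEncode(model.Subject);
        string safeBody = HttpUtility.HtmlEncode(model.EmailTemplate);

        return Content("<h1>" + safeSubject + "</h1><pre>" + safeBody + "</pre>",
                       "text/html");
    }
}
```

In a Razor view, `@Model.EmailTemplate` is HTML-encoded by default, whereas `@Html.Raw(Model.EmailTemplate)` writes the value unencoded.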
