What is the use of ValidateRequest attribute in the Page directive?

Posted by Ddd on 2/8/2011 | Category: ASP.NET Interview questions | Views: 11767 | Points: 40

Post |

Interview FAQs |

Exclusive Questions |

Interview Home

Answer:

It is used to reduce the risk of cross-site scripting attacks for pages in ASP.NET applications. error messages like "Potentially dangerous value' are generated
because of this attribute.

example: in a textbox, if we write <script></script>
and then try to retreive its value, this attribute will result in an error.

It is true by default and can also be set to false.

Asked In: Many Interviews | Alert Moderator

Bookmark It

< Previous : Does the finally block execute even when we have u ...

Next > : What is the use of yield keyword in C#?

Comments or Responses

Posted by: Rajendrameghwal on: 2/9/2011 | Points: 10

I think just ValidateRequest = "true" in page directive will not work. we may need to set
<httpRuntime requestValidationMode="2.0" />
in web.config also as asp.net 4.0 has changed some thing in validation request.
Source : Page - 1201 (Apress Pro ASP.net 4 in C# 2010)

Posted by: Ddd on: 2/9/2011 | Points: 10

In order to use a Delegate, refer to some asp.net tutorials or MSDN.
My point was only to indicate the use of ValidateRequest attribute.
As regards the changes made in ASP.NET 4.0, I will have to check out and then let
you know. Thanks for the suggestions

More Interview Questions by Ddd

Latest Interview Questions