ASP.net 4.0嵌入Ckeditor 3.5 报错A potentially dangerous Request.Form value was detected from the client 的解决办法

新发布的版本Ckeditor3.5 嵌入到 ASP.net 4.0 页面时报错如下：

--------------------------------------------------------------------------------

Server Error in '/' Application.
--------------------------------------------------------------------------------

A potentially dangerous Request.Form value was detected from the client (ctl00$ContentPlaceHolder_Body$tbContent="<p>
地方</p>
").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0". Example: <httpRuntime requestValidationMode="2.0" />. After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the <pages> configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (ctl00$ContentPlaceHolder_Body$tbContent="<p>
地方</p>
").

Source Error:

 

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:

1. Add a "Debug=true" directive at the top of the file that generated the error. Example:

  <%@ Page Language="C#" Debug="true" %>

or:

2) Add the following section to the configuration file of your application:

<configuration>
   <system.web>
       <compilation debug="true"/>
   </system.web>
</configuration>

Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.

Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario. 

Stack Trace:

[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (ctl00$ContentPlaceHolder_Body$tbContent="<p>
 地方</p>
").]
   System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) +8734868
   System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, RequestValidationSource requestCollection) +122
   System.Web.HttpRequest.get_Form() +114
   System.Web.HttpRequest.get_HasForm() +8900239
   System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull) +97
   System.Web.UI.Page.DeterminePostBackMode() +69
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +8431
   System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +253
   System.Web.UI.Page.ProcessRequest() +78
   System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +21
   System.Web.UI.Page.ProcessRequest(HttpContext context) +49
   ASP.ivxworksportal_admin_postarticles_aspx.ProcessRequest(HttpContext context) in c:/Users/Louis.Liu/AppData/Local/Temp/Temporary ASP.NET Files/root/c545485b/749daf0d/App_Web_hse3vdmf.0.cs:0
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +100
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75
 

--------------------------------------------------------------------------------

Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

解决办法：

第一步：

在web.config里面

view plaincopy to clipboardprint?
01.<system.web> 
02.  <httpRuntime requestValidationMode="2.0" /> 
03.</system.web> 
  <system.web>
    <httpRuntime requestValidationMode="2.0" />
  </system.web>

第二步：

在嵌入ckeditor3.5页面的头部加如下代码：ValidateRequest="false"

view plaincopy to clipboardprint?
01.<%@ Page Title="" Language="C#" ValidateRequest="false" MasterPageFile="~/IVxWorksPortal/Admin/Admin.Master" AutoEventWireup="true" CodeBehind="PostArticles.aspx.cs" Inherits="IVxWorksSYS.IVxWorksPortal.Admin.PostArticles" %> 
<%@ Page Title="" Language="C#" ValidateRequest="false" MasterPageFile="~/IVxWorksPortal/Admin/Admin.Master" AutoEventWireup="true" CodeBehind="PostArticles.aspx.cs" Inherits="IVxWorksSYS.IVxWorksPortal.Admin.PostArticles" %> OK，问题解决。