Potential dangerous request error while saving the html content in webparts zone in html envelope

Nikhila Reddy Pocha asked on February 24, 2019 20:21

Hi all,

One unexpected error occurs i.e potential dangerous request error while saving the html content in webparts zone in html envelope. Previously working fine suddenly throwing this error while saving. Please see below event log error message for more description about this. IMG-20190223-WA0003

Message: A potentially dangerous Request.Form value was detected from the client (m$c$wpzp$formElem$ContentBefore$cntElem$txtArea="<div class="mobile-c...").

Exception type: System.Web.HttpRequestValidationException Stack trace: at System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) at System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection) at System.Web.HttpRequest.get_Form() at System.Web.UI.Page.DeterminePostBackMode() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step) at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Looking forward for suggestions why this happening.

Thanks Regards Nikhila Reddy

Correct Answer

Nikhila Reddy Pocha answered on February 28, 2019 17:10

It did not work with Html fixes. After further investigation. This is a generic issue because of configuration change in Stating environment.

• I found the validate request is not set in pages configuration of UAT. Which is <pages validateRequest="false"> in Dev1 After this attribute is added to config file. Its working

Thank you.

1 votesVote for this answer Unmark Correct answer

Recent Answers


Trevor Fayas answered on February 25, 2019 15:02

Can you post what is in the content before as it looks like the error is concerning whatever is in there.

0 votesVote for this answer Mark as a Correct answer

Nikhila Reddy Pocha answered on February 26, 2019 22:25

Hi Trevor

Please find html used in content before html section of webpart zone.

<div class="mobile-crown-header">
  <a class="logo" href="/"><img src="/images/unoua_pinwheel_h_mobile.png" alt="Abc Logo"></a>
  <ul class="mobile-icon-menu">
    <li><a href="/cart"><span class="ws-icon-Cart"></span></a></li>
    <li><a href="#" class="sso-sign-in" id="mobile-sso"><span class="ws-icon-MyAccountMobile"></span></a></li>
    <li><a href="#"><span class="ws-icon-Hamburger"></span></a></li>
  </ul>
</div>

<div class="desktop-crown-header">
   <div class="container nopadding">
    <ul class="site-links-desktop left">
        <li><a href='https://www.abm.com/' class="active-site">ABC intial</a></li>
        <li><a href='http://abcm.com/'>Abcness</a></li>
'<li><a href='http://abcm.com/'>Bbcness</a></li>
    </ul>
    <ul class="site-links-desktop right">
      <li class="myLocation "><a id="crownLocation" href="qualForm" class="crown-location">Click here to provide your location</a></li>
      <li><a href="/cart" class="ws-icon-Cart desktop-cart"></a></li>
           <li><a id="destopMenu" href="#">Menu<span><i class="material-icons">arrow_drop_down</i></span></a>
      <ul>
          <li><a href=' https://www.abms.com/referralprogram/'>Referral Program</a></li>
          <li><a href='https://www.abms.com/Movers/'>Move My Service</a></li>
          <li><a href=' http://www.testabsm.net/'>Go to eam</a></li>
          <li><a href=' http://blog.my.com/'>my Blog</a></li>
          <li><a href=" https://www.abcm.com/contactus/">Contact Us</a></li>
        </ul>
      </li>
      <li><a class="sso-sign-in" id="desktopAccount">My Account</a>
      <ul>
          <li><a href='https://www.abs.com/'>Manage My Account</a></li>
          <li><a href='https://www.abs.com/'>View or Pay my Bill</a></li>
          <li><a href='https://www.abs.com/'>Check My Email</a></li>
          <li><a href="#" class="sso-sign-out">Sign Out</a></li>
        </ul>
      </li>
   <li>
         <a id="crownSearchTrigger" class="ws-icon-Search" ></a>
        <input id="crownSearchInput" class="search-input" type="search" title="Search" placeholder="Search:"> 
      </li> 
    </ul>
  </div>
</div>

I m wondering that above html working fine in Dev enviorment but not working for Qa enviorment and throwing the potential dangerous request while saving.

Thanks

Nikhila Reddy

0 votesVote for this answer Mark as a Correct answer

Trevor Fayas answered on February 26, 2019 22:31

Try closing the img and input tags, there is no closing tag and they are not self closed, that may fix it...

0 votesVote for this answer Mark as a Correct answer

Nikhila Reddy Pocha answered on February 27, 2019 14:59 (last edited on February 27, 2019 15:00)

Hi Trevor,

<div class="mobile-crown-header">
  <a class="logo" href="/"><img src="/images/kinetic_pinwheel_h_mobile.png" alt="Windstream Logo"></img></a>
  <ul class="mobile-icon-menu">
    <li><a href="/cart"><span class="ws-icon-Cart"></span></a></li>
    <li><a href="#" class="sso-sign-in" id="mobile-sso"><span class="ws-icon-MyAccountMobile"></span></a></li>
    <li><a href="#"><span class="ws-icon-Hamburger"></span></a></li>
  </ul>
</div>

<div class="desktop-crown-header">
   <div class="container nopadding">
    <ul class="site-links-desktop left">
        <li><a href='https://www.windstream.com/' class="active-site">Residential</a></li>
        <li><a href='http://smallbusiness.windstream.com/'>Business</a></li>
        <li> <a href='https://www.windstreamenterprise.com'>Enterprise</a></li>
    </ul>
    <ul class="site-links-desktop right">
      <li class="myLocation "><a id="crownLocation" href="qualForm" class="crown-location">Click here to provide your location</a></li>
      <li><a href="/cart" class="ws-icon-Cart desktop-cart"></a></li>
           <li><a id="destopMenu" href="#">Menu<span><i class="material-icons">arrow_drop_down</i></span></a>
      <ul>
          <li><a href=' https://www.windstream.com/referralprogram/'>Referral Program</a></li>
          <li><a href='https://www.windstream.com/Movers/'>Move My Service</a></li>
          <li><a href=' http://www.windstream.net/'>Go to Windstream.net</a></li>
          <li><a href=' http://blog.windstream.com/'>Windstream Blog</a></li>
          <li><a href=" https://www.windstream.com/contactus/">Contact Us</a></li>
        </ul>
      </li>
      <li><a class="sso-sign-in" id="desktopAccount">My Account</a>
      <ul>
          <li><a href='https://www.windstreamonline.com/'>Manage My Account</a></li>
          <li><a href='https://www.windstreamonline.com/'>View or Pay my Bill</a></li>
          <li><a href='https://www.windstreamonline.com/'>Check My Email</a></li>
          <li><a href="#" class="sso-sign-out">Sign Out</a></li>
        </ul>
      </li>
   <li>
         <a id="crownSearchTrigger" class="ws-icon-Search" ></a>
        <input id="crownSearchInput" class="search-input" type="search" title="Search" placeholder="Search:"></input>
      </li> 
    </ul>
  </div>
</div>

I tried closing input and img tags and still throws the same error. Let me know if there is any other things am missing.

Thanks Nikhila

0 votesVote for this answer Mark as a Correct answer

Rui Wang answered on February 27, 2019 16:24

I did some clean up and had no error, but I'm on my localhost. Can you try to remove the <input ..> and save and see if you still get the error?

<div class="mobile-crown-header">
  <a class="logo" href="/"><img src="/images/kinetic_pinwheel_h_mobile.png" alt="Windstream Logo" /></a>
  <ul class="mobile-icon-menu">
    <li><a href="/cart"><span class="ws-icon-Cart"></span></a></li>
    <li><a href="#" class="sso-sign-in" id="mobile-sso"><span class="ws-icon-MyAccountMobile"></span></a></li>
    <li><a href="#"><span class="ws-icon-Hamburger"></span></a></li>
  </ul>
</div>

<div class="desktop-crown-header">
   <div class="container nopadding">
    <ul class="site-links-desktop left">
        <li><a href="https://www.windstream.com/" class="active-site">Residential</a></li>
        <li><a href="http://smallbusiness.windstream.com/">Business</a></li>
        <li><a href="https://www.windstreamenterprise.com">Enterprise</a></li>
    </ul>
    <ul class="site-links-desktop right">
      <li class="myLocation "><a id="crownLocation" href="qualForm" class="crown-location">Click here to provide your location</a></li>
      <li><a href="/cart" class="ws-icon-Cart desktop-cart"></a></li>
      <li><a id="destopMenu" href="#">Menu<span><i class="material-icons">arrow_drop_down</i></span></a>
        <ul>
          <li><a href="https://www.windstream.com/referralprogram/">Referral Program</a></li>
          <li><a href="https://www.windstream.com/Movers/">Move My Service</a></li>
          <li><a href="http://www.windstream.net/">Go to Windstream.net</a></li>
          <li><a href="http://blog.windstream.com/">Windstream Blog</a></li>
          <li><a href="https://www.windstream.com/contactus/">Contact Us</a></li>
        </ul>
      </li>
      <li><a class="sso-sign-in" id="desktopAccount">My Account</a>
        <ul>
          <li><a href="https://www.windstreamonline.com/">Manage My Account</a></li>
          <li><a href="https://www.windstreamonline.com/">View or Pay my Bill</a></li>
          <li><a href="https://www.windstreamonline.com/">Check My Email</a></li>
          <li><a href="#" class="sso-sign-out">Sign Out</a></li>
        </ul>
      </li>
      <li>
        <a id="crownSearchTrigger" class="ws-icon-Search" ></a>
        <input id="crownSearchInput" class="search-input" type="search" title="Search" placeholder="Search:"></input>
      </li> 
    </ul>
  </div>
</div>
0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.