bumblebeeC / subtext

Automatically exported from code.google.com/p/subtext

A potentially dangerous Request.Form value was detected from the client #244

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Login as admin
2. Go to Posts page
3. Create a new post
4. Give a name "Second" (any value)
5. Create a body, "Second body" (any value)
6. Select all text, in CKEditor set Size=medium (any value)
7. Press Post button

What is the expected output? What do you see instead?
Expected that new post is created with set content.

Instead, runtime error appears: A potentially dangerous Request.Form value was detected from the client (ctl00$ctl00$MainContent$pageContent$postsContent$Editor$richTextEditor$richTextEditor="<font size="4">secon...").

What version of the product are you using? On what operating system?
VS 2010, Windows 7, ASP.net development server

Please provide any additional information below.
I could not debug it and see the source of the problem. I can post easily if I do not touch any CKEditor controls, just plain text.

Please see attached file with yellow screen dump.

Original issue reported on code.google.com by alexande...@gmail.com on 28 Jul 2010 at 12:35


GoogleCodeExporter commented 8 years ago
Weird, seems like ASP.NET 4 is more strict than ASP.NET 3.5 was

Original comment by simone.chiaretta on 28 Jul 2010 at 2:07

GoogleCodeExporter commented 8 years ago
Yes, it is. Here's the answer, add this to web.config: <httpRuntime requestValidationMode="2.0" /> to go back to the old request validation mode.

For more details: http://www.asp.net/learn/whitepapers/aspnet4/breaking-changes/#_TOC4

Original comment by haac...@gmail.com on 28 Jul 2010 at 3:26
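
The web.config change from the comment above, shown as an added example (not taken from the thread or from Subtext's code) in its application-wide form and in a form scoped to one page. The path `Admin/PLACEHOLDER-EditPost.aspx` is a placeholder, and the example assumes the editor page opts out through `validateRequest`, which ASP.NET 4 honors only in 2.0 mode; HTML accepted this way is no longer checked by the framework, so it has to be sanitized or encoded by the application.

```xml
<?xml version="1.0"?>
<!-- Added example. The page path below is a placeholder, not a Subtext file. -->
<configuration>

  <!-- Application-wide form, as given in the comment above.
       Every request falls back to ASP.NET 2.0 behaviour: only page requests
       are validated, and any page may switch validation off.

  <system.web>
    <httpRuntime requestValidationMode="2.0" />
  </system.web>
  -->

  <!-- Scoped form: the rest of the application keeps the ASP.NET 4 default,
       which validates every request before BeginRequest. -->
  <system.web>
    <httpRuntime requestValidationMode="4.0" />
  </system.web>

  <!-- Only the page hosting the rich text editor reverts to 2.0 mode
       and opts out of request validation. -->
  <location path="Admin/PLACEHOLDER-EditPost.aspx">
    <system.web>
      <httpRuntime requestValidationMode="2.0" />
      <pages validateRequest="false" />
    </system.web>
  </location>

</configuration>
```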

GoogleCodeExporter commented 8 years ago
Guys, might it not be a good idea to check out the root cause? As I said, it works OK if I just create text, with no style changes.

Or is nothing possible to change because it is in a 3rd party, CKEditor?

Original comment by alexande...@gmail.com on 28 Jul 2010 at 7:25

GoogleCodeExporter commented 8 years ago
Well... I think adding the validationmode is easier than dissecting an old and obsolete RichTextEditor (we are using FCKEditor 2.something, not CKEditor yet)

Original comment by simone.chiaretta on 30 Jul 2010 at 11:16

GoogleCodeExporter commented 8 years ago
Fixed in r4096

Original comment by simone.chiaretta on 30 Jul 2010 at 11:20

GoogleCodeExporter commented 8 years ago
Fixed.

Not 100% sure whether it is related to this issue or not, but it could be linked:

http://code.google.com/p/subtext/issues/detail?id=248

Original comment by alexande...@gmail.com on 30 Jul 2010 at 1:12

GoogleCodeExporter commented 8 years ago
Don't think they are linked...
thank you for verifying the fix :)
Simo

Original comment by simone.chiaretta on 30 Jul 2010 at 1:17

GoogleCodeExporter commented 8 years ago

Original comment by simone.chiaretta on 30 Jul 2010 at 1:17