Try to access Request Form Post data from ActionFilterAttribute throw A potentially dangerous Request.Form value was detected from the client

208 Views Asked by TotPeRo At 17 December 2017 at 01:43

I have implemented custom ActionFilterAttribute to create custom web access log and OnActionExecuted I try to access ActionExecutedContext.HttpContext.Request.Formcollection using Request.Form.GetValues("key") i get this error:

A potentially dangerous Request.Form value was detected from the client (Aplications[0].Name="...."

because in my submitted form inputs contains HTML code.

I don't want to disable some .net MVC integrated security using validateRequest="false" and also I can't set to all my input or actions [AllowHtml] or ValidateInput(false) because my action filter catch all my controllers.

I found a hack solution but is no other option?

using (var reader = new StreamReader(request.InputStream))
{
    var content = reader.ReadToEnd();
    var inputsNameValueCollection = HttpUtility.UrlDecode(content).Split('&');
    foreach (string input in inputsNameValueCollection)
    {
        var inputNameValue = input.Split('=');
        var inputName = nameValue[0];
        var inputValue = nameValue[1];
    }
}

Original Q&A

Try to access Request Form Post data from ActionFilterAttribute throw A potentially dangerous Request.Form value was detected from the client

There are 0 best solutions below

Related Questions in ASP.NET

Related Questions in ASP.NET-MVC

Related Questions in VALIDATION

Related Questions in HTTP-POST

Related Questions in REQUEST.FORM

Trending Questions

Popular # Hahtags

Popular Questions