Watch, Follow, &
Connect with Us

For forums, blogs and more please visit our
Developer Tools Community.


Welcome, Guest
Guest Settings
Help

Thread: IW IWLib IIS Exception


This question is not answered. Helpful answers available: 2. Correct answers available: 1.


Permlink Replies: 4 - Last Post: Mar 14, 2017 11:35 AM Last Post By: Chad Hower
Johan Erasmus

Posts: 4
Registered: 6/11/06
IW IWLib IIS Exception  
Click to report abuse...   Click to reply to this thread Reply
  Posted: Mar 13, 2017 4:05 AM
Hi
After compiling my application as an IW library (14.1.14) and deploying on ISS 8.5 on Server 2012R2 I get the error below. When running as SA or ISAPI this error does not occur.
I currently have an active subscription.
Johan


Server Error in '/xyz' Application.

A potentially dangerous Request.Form value was detected from the client (IWEMESSAGE="<!DOCTYPE html PUBLI...").
Description: ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. The data might represent an attempt to compromise the security of your application, such as a cross-site scripting attack. If this type of input is appropriate in your application, you can include code in a web page to explicitly allow it. For more information, see http://go.microsoft.com/fwlink/?LinkID=212874.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (IWEMESSAGE="<!DOCTYPE html PUBLI...").

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Alexandre Machado

Posts: 1,754
Registered: 8/10/13
Re: IW IWLib IIS Exception  
Click to report abuse...   Click to reply to this thread Reply
  Posted: Mar 14, 2017 1:24 AM   in response to: Johan Erasmus in response to: Johan Erasmus
Johan Erasmus wrote:
Hi
After compiling my application as an IW library (14.1.14) and deploying on ISS 8.5 on Server 2012R2 I get the error below. When running as SA or ISAPI this error does not occur.
I currently have an active subscription.
Johan


Server Error in '/xyz' Application.

A potentially dangerous Request.Form value was detected from the client (IWEMESSAGE="<!DOCTYPE html PUBLI...").
Description: ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. The data might represent an attempt to compromise the security of your application, such as a cross-site scripting attack. If this type of input is appropriate in your application, you can include code in a web page to explicitly allow it. For more information, see http://go.microsoft.com/fwlink/?LinkID=212874.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (IWEMESSAGE="<!DOCTYPE html PUBLI...").

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.


Hi Johan,

we need more information to try to identify this...

Are you able to run your application, i.e. does the main form show when you post a first request? If so, does this error appear after a particular request?
Johan Erasmus

Posts: 4
Registered: 6/11/06
Re: IW IWLib IIS Exception  
Click to report abuse...   Click to reply to this thread Reply
  Posted: Mar 14, 2017 1:47 AM   in response to: Alexandre Machado in response to: Alexandre Machado
Hi Alexandre

The application runs fine on all forms except one of my config forms. This form contains an HTML e-mail template in a memo, as soon as a post back occurs this exception is raised by .NET.

Johan

Alexandre Machado wrote:
Johan Erasmus wrote:
Hi
After compiling my application as an IW library (14.1.14) and deploying on ISS 8.5 on Server 2012R2 I get the error below. When running as SA or ISAPI this error does not occur.
I currently have an active subscription.
Johan


Server Error in '/xyz' Application.

A potentially dangerous Request.Form value was detected from the client (IWEMESSAGE="<!DOCTYPE html PUBLI...").
Description: ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. The data might represent an attempt to compromise the security of your application, such as a cross-site scripting attack. If this type of input is appropriate in your application, you can include code in a web page to explicitly allow it. For more information, see http://go.microsoft.com/fwlink/?LinkID=212874.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (IWEMESSAGE="<!DOCTYPE html PUBLI...").

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.


Hi Johan,

we need more information to try to identify this...

Are you able to run your application, i.e. does the main form show when you post a first request? If so, does this error appear after a particular request?
Alexandre Machado

Posts: 1,754
Registered: 8/10/13
Re: IW IWLib IIS Exception  
Click to report abuse...   Click to reply to this thread Reply
  Posted: Mar 14, 2017 2:13 AM   in response to: Johan Erasmus in response to: Johan Erasmus
OK, I see now.

Can you please send me the memo content via e-mail, so I can try to recreate it in our environment? My email is alexandre [at] atozed dot com

Kind regards
Chad Hower

Posts: 613
Registered: 3/2/07
Re: IW IWLib IIS Exception  
Click to report abuse...   Click to reply to this thread Reply
  Posted: Mar 14, 2017 11:35 AM   in response to: Johan Erasmus in response to: Johan Erasmus
On 3/14/2017 4:47 AM, Johan Erasmus wrote:
A potentially dangerous Request.Form value was detected from the client (IWEMESSAGE="<!DOCTYPE html PUBLI...").

http://stackoverflow.com/questions/81991/a-potentially-dangerous-request-form-value-was-detected-from-the-client

Either you are sending some <> chars, or IW is not encoding them properly.
Legend
Helpful Answer (5 pts)
Correct Answer (10 pts)

Server Response from: ETNAJIVE02