My ASP.NET page has an <asp:TextBox /> whose text input is encoded via HttpUtility.HtmlEncode();

Question

0

Asked: May 16, 20262026-05-16T21:39:22+00:00 2026-05-16T21:39:22+00:00

My ASP.NET page has an <asp:TextBox /> whose text input is encoded via HttpUtility.HtmlEncode();

0

My ASP.NET page has an <asp:TextBox /> whose text input is encoded via HttpUtility.HtmlEncode();

The page also contains validators such as <asp:RequiredFieldValidator /> and <asp:CustomValidator /> as well as several AJAX toolkit <toolkit:ValidatorCalloutExtender />

If the user inputs </ as the text in the textbox, a Javascript error

A potentially dangerous Request.Form value was detected
from the client (ctl00$contentPlaceHolder$ucLookup$tbxLastName=&quot;&lt;/&quot;)

happens when the form is submitted. I have tried adding various event handlers such as

protected void Page_PreInit(object sender, EventArgs e){}
protected void Page_Init(object sender, EventArgs e){}
protected void Page_PreLoad(object sender, EventArgs e){}

and setting breakpoints but none of them are hit, leading me to believe the error only happens client-side.

How can I debug this error? Are there any hooks which allow me to intercept the user’s input and filter or encode it before it causes this issue?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-16T21:39:22+00:00

Editorial Team

2026-05-16T21:39:22+00:00Added an answer on May 16, 2026 at 9:39 pm

Try checking out the suggestions in this thread: A potentially dangerous Request.Form value was detected from the client

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

My ASP.NET page has an <asp:TextBox /> whose text input is encoded via HttpUtility.HtmlEncode();

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply