Toolkit > Validate Query String

Validate Query String

If you are getting an unusual number of the following error, make sure it is not because of an SQL injection attempt.

A potentially dangerous request was detected from the client

If you have established that you are getting this error because of a false positive, then you can disable this particular security feature. So that this error message no longer appears.

Important! Disabling the Validate Query String feature removes one layer of security, but does not leave your site vulnerable. Each page is still protected by ASP.NET request validation, which prevents the server from accepting content containing unencoded HTML. It is also possible to disable the ASP.NET request validation, but we suggest that you disable it on a page-by-page basis.

Enabling Validate Query String

To enable the Validate Query String security feature in netFORUM, use the following steps:

Find the following web.config file on the web server: sites/iweb/web.config
Open this web.config file to edit it.
Search for the following key: netForumValidateRequest. You should find the following lines in the code:

<add key="netForumValidateRequest" value="false" />
Change the netForumValidateRequest value to true.
Save the web.config file after you edit it. The application pool recycles.

Disabling Validate Query String

To disable the Validate Query String security feature in netFORUM, use the following steps:

Find the following web.config file on the web server: sites/iweb/web.config
Open this web.config file to edit it.
Search for the following key: netForumValidateRequest You should find the following lines in the code:

<add key="netForumValidateRequest" value="true" />
Change the netForumValidateRequest value to false.
Save the web.config file after you edit it. The application pool recycles.