我们在具有负载平衡服务器的2台服务器上安装了Internet站点,两台服务器上的代码相同,但其中一台服务器每分钟显示以下例外,“$ MainContent $ ASPCONTROL“每次都在变化。从客户端检测到有潜在危险的Request.Form值异常
A potentially dangerous Request.Form value was detected from the client (ctl00$MainContent$drpOwnerNationality="...lect'"()&%<acx><ScRiPt >prompt..."). at System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection)
at System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection)
at System.Web.HttpRequest.get_HasForm()
at System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull)
at System.Web.UI.Page.DeterminePostBackMode()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)_ApplicationError,
我认为你的控制之一有脚本..ASP.Net做潜在的XSS验证您的窗体上的所有输入,...所以它是检测脚本像字符串中的一个你的控件是什么例外状态.. – Viru
请同时添加asp.net页面代码 – Aristos
你是否在任何输入字段中向服务器发送HTML? –