從客戶端檢測到潛在的危險Request.Form值 - A potentially dangerous Request.Form value was detected from the client

問題：

Every time a user posts something containing < or > in a page in my web application, I get this exception thrown. 每次用戶在Web應用程序的頁面中發佈包含<或>時，都會引起此異常。

I don't want to go into the discussion about the smartness of throwing an exception or crashing an entire web application because somebody entered a character in a text box, but I am looking for an elegant way to handle this. 我不想討論引起異常或崩潰整個Web應用程序的明智性，由於有人在文本框中輸入了字符，可是我正在尋找一種優雅的方式來解決這個問題。

Trapping the exception and showing 捕獲異常並顯示

An error has occurred please go back and re-type your entire form again, but this time please do not use < 發生錯誤，請返回並從新輸入整個表格，可是此次請不要使用<

doesn't seem professional enough to me. 在我看來還不夠專業。

Disabling post validation ( validateRequest="false" ) will definitely avoid this error, but it will leave the page vulnerable to a number of attacks. 禁用後驗證（ validateRequest="false" ）確定會避免此錯誤，可是它將使頁面容易受到多種攻擊。

Ideally: When a post back occurs containing HTML restricted characters, that posted value in the Form collection will be automatically HTML encoded. 理想狀況下：當發生包含HTML受限字符的回發時，Form集合中的已發賬值將自動進行HTML編碼。 So the .Text property of my text-box will be something & lt; html & gt; 所以，個人文本框的.Text屬性將是something & lt; html & gt; something & lt; html & gt;

Is there a way I can do this from a handler? 有沒有辦法能夠從處理程序作到這一點？

---

解決方案：

參考一： https://stackoom.com/question/LKR/從客戶端檢測到潛在的危險Request-Form值
參考二： https://oldbug.net/q/LKR/A-potentially-dangerous-Request-Form-value-was-detected-from-the-client