AppFabric ACS Exception: A potentially dangerous Request.Form value was detected from the client (wresult="<t:RequestSecurityTo...")

Monday, September 20, 2010



AppFabric ACS Exception : A potentially dangerous Request.Form value was

When you are working with AppFabric ACS labs and implement identity providers such as Windows Livefollowing error might show up when you try to run your application

A potentially dangerous Request.Form value was detected from the client (wresult="<t:RequestSecurityTo...").

This error occurs because ACS sends you a SAML in a POST request, as the wresult value token. ASP.NET considers this as if a user typed some XML content in a textbox called "wresult" which is considered to be unsafe by ASP.NET. ASP.NET considers this kind of values as potentially dangerous, as some kind of script injection.

Therefore, if in your application Request Validation is enables this exception is thrown.

As a solution, you need to add ValidateRequest="false" in your page or in you web.config. This is a required step in case you want to integrate AppFabric ACS.

0 comments:

Post a Comment

Followers

 

2009 ·Techy Freak by TNB