ASP.NET 4 Request Validation at Page Level

Request validation is the .NET framework’s protector against XSS. If not explicitly turned off, all ASP.NET web application will check against XSS. it is to help from un-trusted data in URL and it is by default enabled, like image below.

RequestValidation1In ASP.NET 4 , you can’t disable the “Request Validation” on specific ASPX pages, while you can do that in earlier versions.



To revert back to 2.0 request validation mode and disable request validation on pages level, you need to specify the “requestValidationMode” to be “2.0” in your web.config


Then try now 😉



  1. In Page directive add: ValidateRequest=”false”
  2. In web.config add: <httpRuntime requestValidationMode=”2.0″ />

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s