Below is the method you need to add to your ApiController to catch a file upload from client.
public async Task Upload()
MultipartMemoryStreamProvider stream = new MultipartMemoryStreamProvider();
// in case of multiple files uploading
foreach (HttpContent c in stream.Contents)
// read file bytes and file name
string fileName = c.Headers.ContentDisposition.FileName.Replace("\"", string.Empty);
byte fileBytes = await c.ReadAsByteArrayAsync();
Request validation is the .NET framework’s protector against XSS. If not explicitly turned off, all ASP.NET web application will check against XSS. it is to help from un-trusted data in URL and it is by default enabled, like image below.
In ASP.NET 4 , you can’t disable the “Request Validation” on specific ASPX pages, while you can do that in earlier versions.
To revert back to 2.0 request validation mode and disable request validation on pages level, you need to specify the “requestValidationMode” to be “2.0” in your web.config
Then try now 😉
- In Page directive add: ValidateRequest=”false”
- In web.config add: <httpRuntime requestValidationMode=”2.0″ />