Just ran across this and thought I’d pass it along. Ever needed to allow html to be submitted as a part of an ASP.NET form? You go to test it and low and behold you get an error message stating that it is a “Potentially dangerous script…” You yell DOH!! Slap your head and go to the page declaration to add [ValidateRequest=”False”]. No problemmo. Bob’s your uncle, fanny’s your aunt, and all’s well with the world.

But wait. You’re living in .NET 4.0 now. Your still getting the error message. How can this be? Well in .NET 4.0 you need to do a little extra. IT seems they REALLY don’t want you to do this. So you have two choices.

` Add JavaScript to intercept the string before it is sent, Html encode it, and THEN send it to the server. Oh and don’t fore get to reverse the process whenever you need that data.

` Add the following extra tag to the section of your web.config file to tell .net that its ok.

` * <httpRuntime requestValidationMode=”2.0” />

The new error message gives you this info if you read it closely, but since it was a known error I didn’t look closely at it until I had found the fix online. For those who want more technical information here is a link to the article I found.