Bewerken

Delen via


UnvalidatedRequestValues Class

Definition

Provides access to HTTP request values without triggering ASP.NET request validation.

public ref class UnvalidatedRequestValues sealed
public sealed class UnvalidatedRequestValues
type UnvalidatedRequestValues = class
Public NotInheritable Class UnvalidatedRequestValues
Inheritance
UnvalidatedRequestValues

Remarks

When ASP.NET reads the values in HTTP request collections (such as the Form, QueryString, and Cookies collections), it performs request validation. During request validation, ASP.NET examines the posted values and determines whether they contain markup, script, or reserved characters. By default, if ASP.NET detects any of these types of input, it throws an HttpRequestValidationException exception. This helps prevent malicious script injection attacks on your website.

However, in some cases, you might want to bypass ASP.NET request validation and allow values that contain markup, script, or reserved characters. For example, if your application uses a rich-text editor that enables users to submit HTML markup as formatted content, you can use the members of the UnvalidatedRequestValues class to retrieve the rich-text request values without triggering the default ASP.NET request validation. In your code, you access members of this class by using the Unvalidated property.

Important

If you use this class, you must manually check the data for potential cross-site scripting attacks.

Properties

Cookies

Gets the collection of cookies that the client sent, without triggering ASP.NET request validation.

Files

Gets the collection of files that the client uploaded, without triggering ASP.NET request validation.

Form

Gets the collection of form variables that the client submitted, without triggering ASP.NET request validation.

Headers

Gets the collection of HTTP headers that the client sent, without triggering request validation.

Item[String]

Gets the specified object from the Form, Cookies, QueryString, or ServerVariables collection, without triggering ASP.NET request validation.

Path

Gets the virtual path of the requested resource without triggering ASP.NET request validation.

PathInfo

Gets additional path information for a resource that has a URL extension, without triggering ASP.NET request validation.

QueryString

Gets the collection of HTTP query string variables that the client submitted, without triggering ASP.NET request validation.

RawUrl

Gets the part of the requested URL that follows the website name, without triggering ASP.NET request validation.

Url

Gets the URL data for the request without triggering ASP.NET request validation.

Methods

Equals(Object)

Determines whether the specified object is equal to the current object.

(Inherited from Object)
GetHashCode()

Serves as the default hash function.

(Inherited from Object)
GetType()

Gets the Type of the current instance.

(Inherited from Object)
MemberwiseClone()

Creates a shallow copy of the current Object.

(Inherited from Object)
ToString()

Returns a string that represents the current object.

(Inherited from Object)

Applies to