The following html is being inserted into content entered through the CuteEditor:

 

<a style="width: 20px; height: 20px; text-indent: 20px; background-repeat: no-repeat; background-image: url('/L:/HTMLWebpages/CuteEditor/Load.ashx?type=image&amp;file=anchor.gif');" id="Fall2009" name="Fall2009"></a>

 

The highlighted portion of the path is causing the following exception: "A potentially dangerous Request.Path value was detected from the client (:)"

 

I have no idea why that path is getting in there. My guess it is some default path set in the CuteEditor software, but the web.config specifies the CuteEditorDefaultFilesPath: <add key="CuteEditorDefaultFilesPath" value="~/CuteEditor" />

If you set ValidateRequest="true" or remove the ValidateRequest page attribute, ASP.NET request validation rejects the script input and produces an error similar to the following:
A potentially dangerous Request.Form value was detected from the client (txtString="<script>alert('hello...").

 

Detailed information can be found in http://msdn.microsoft.com/en-us/library/ff647397.aspx .

 

Regards,

Eric

You are talking about a different issue. This is dealing with Request.Path and not Request.Form, and it is being created by the load.ashx logic in the CuteEditor.

Hi wjfamilia,

 

I think you are using ASP.NET 4.0.

 

Try the below setting in web.config

 

 

Regards,

 

Ken