How can I get back textbox's values like this "<value>" in aspx

I have a page with a button and a textbox, when a input "<string>" in the text box and then I press the button I got this error: A potentially dange开发者_如何学JAVArous Request.Form value was detected from the client (TextBox1=""<string>"").

This is a security feature of ASP.NET, which prevents a user to submit potentially dangerous code like script blocks.

You can disable this by setting the validateRequest attribute of the Page directive to false

 <%@ Page validateRequest="false" %>

or disable it in web.config:

<configuration>
    <system.web>
        <pages validateRequest="false" />
    </system.web>
</configuration>

But be careful! As I said, this is a security feature!

You can read more about it here: http://www.asp.net/learn/whitepapers/request-validation

You need to tell ASP not to validate the form values on the page:

<%@ Page  ... ValidateRequest="false"%>

This gets rid of your error, but on the back end you need to protect yourself from malicious input. Replace all < and > characters with encoded values so that you do not open yourself up to a XSS attack.

Because you are passing the "<" and the ">", which could include possible malicious data. You need to turn off page validation by either:

Setting the page declaration:

<%@ Page Language="C#" ValidateRequest="false" %>

Or in the web.config:

<system.web>
  <pages validateRequest="false" />
</system.web>

If you do this you need to sanitize the input stringently! You can do this by encoding your input on the server side:

Server.HtmlEncode(TextBox1.Text)