Hi
I am getting error on this line
ScriptManager.RegisterStartupScript(this, this.GetType(), "ShowModal", "$('#modal_form_horizontal').modal('show');", true);
A potentially dangerous Request.Form value was detected from the client (hfErrorMessage="...- allowed.</br>").
Description: ASP.NET has detected data in the request that is potentially dangerous because it might include HTML markup or script. The data might represent an attempt to compromise the security of your application, such as a cross-site scripting attack. If this type of input is appropriate in your application, you can include code in a web page to explicitly allow it.
Exception Details: System.Web.HtpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (hfErrorMessage="...- allowed.</br>").
protected void btnSubmit_Click(object sender, EventArgs e) { string errMessage = ""; if (String.IsNullOrWhiteSpace(txtBankName.Text)) { errMessage += "Bank Name is required and cannot Be empty.</br>"; } if (errMessage == "") { try { if (hdfId.Value == "0") { using (SqlConnection con = new SqlConnection(Common.CommonFunction.cnn_Live)) { SqlCommand cmd = new SqlCommand("Sp_Bank", con); cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.AddWithValue("@Action", "I"); cmd.Parameters.AddWithValue("@BankCode", SqlDbType.VarChar).Value = txtBankCode.Text.ToUpper(); cmd.Parameters.AddWithValue("@BankName", SqlDbType.VarChar).Value = txtBankName.Text.ToUpper(); SqlParameter successParam = cmd.Parameters.Add("@Success", SqlDbType.Bit); successParam.Direction = ParameterDirection.Output; con.Open(); cmd.ExecuteNonQuery(); bool success = (bool)successParam.Value; if (success) { string message = Common.CommonFunction.recordInsertedSucessfully; ShowMessage("Success", message, "Success"); } else { ShowMessage("Oops...", success.ToString(), "error"); } } } } catch (Exception ex) { ShowMessage("Oops...", Common.CommonFunction.ErrorMessage, "error"); } } else { if (errMessage == "") { ShowMessage("Oops...", Common.CommonFunction.ErrorMessage, "error"); } else { hfErrorMessage.Value = errMessage; ScriptManager.RegisterStartupScript(this, this.GetType(), "ShowModal", "$('#modal_form_horizontal').modal('show');", true); } } }
Thanks