Error: A potentially dangerous Request.Form

Khi gặp lỗi: A potentially dangerous Request.Form value was detected from the client

Cách xử lý: thêm thuộc tính vào [ValidateInput(false)] ActionMethod như dưới đây

[HttpPost]
[ValidateAntiForgeryToken]
[ValidateInput(false)]
public ActionResult Edit([Bind(Include = “Id,SubjectId,Title,Content,…”)] Note note)
{

}

A potentially dangerous Request.Form value was detected from the client

Advertisements

The ‘ObjectContent`1’ type failed to serialize the response body for content type

Lỗi: The ‘ObjectContent`1’ type failed to serialize the response body …

Error>
<Message>An error has occurred.</Message>
<ExceptionMessage>
The ‘ObjectContent`1’ type failed to serialize the response body for content type ‘application/xml; charset=utf-8’.
</ExceptionMessage>
<ExceptionType>System.InvalidOperationException</ExceptionType>
<StackTrace/>
<InnerException>
<Message>An error has occurred.</Message>
<ExceptionMessage>
Type ‘System.Data.Entity.DynamicProxies.Note_F843D42272465FB5DCED8BD44BD094791BE3AEBE38A117FA4DA7420DB2525323’ with data contract name ‘Note_F843D42272465FB5DCED8BD44BD094791BE3AEBE38A117FA4DA7420DB2525323:http://schemas.datacontract.org/2004/07/System.Data.Entity.DynamicProxies&#8217; is not expected. Consider using a DataContractResolver if you are using DataContractSerializer or add any types not known statically to the list of known types – for example, by using the KnownTypeAttribute attribute or by adding them to the list of known types passed to the serializer.
</ExceptionMessage>
<ExceptionType>
System.Runtime.Serialization.SerializationException
</ExceptionType>

Xử lý: Chèn đoạn code này vào file WebApiConfig.cs trong phương thức public static void Register(HttpConfiguration config)

 var json = config.Formatters.JsonFormatter;
json.SerializerSettings.PreserveReferencesHandling = Newtonsoft.Json.PreserveReferencesHandling.Objects;
config.Formatters.Remove(config.Formatters.XmlFormatter);

Data Annotation EntityFramework

Sử dụng Data Annotation để hiển thị kiểu dữ liệu theo định dạng Ngày/Tháng/Năm (dd/MM/yyyy)

[DataType(DataType.Date)]
[DisplayFormat(DataFormatString=”{0:dd/MM/yyyy}”)]
[DefaultValue(“getdate()“)]
public DateTime CreatedDate { get; set; }

[DisplayFormat(ApplyFormatInEditMode = true, DataFormatString = “{0:dd/MM/yyyy}”)]
public Nullable<System.DateTime> NGAY_BAT_DAU { get; set; }