HttpRequest.Unvalidated 属性

定义

获取 HTTP 请求值,不触发请求验证。Gets the HTTP request values without triggering request validation.

public:
 property System::Web::UnvalidatedRequestValues ^ Unvalidated { System::Web::UnvalidatedRequestValues ^ get(); };
public System.Web.UnvalidatedRequestValues Unvalidated { get; }
member this.Unvalidated : System.Web.UnvalidatedRequestValues
Public ReadOnly Property Unvalidated As UnvalidatedRequestValues

属性值

UnvalidatedRequestValues

尚未使用请求验证检查的 HTTP 请求值。The HTTP request values that have not been checked using request validation.

注解

请求验证检查是否存在可能指示跨站点脚本攻击的 HTML 标记和脚本。Request validation checks for HTML markup and script that might indicate a potential cross-site scripting attack. 默认情况下,所有值都是使用请求验证进行检查的,如果任何值包含标记或脚本,ASP.NET 将引发 HttpRequestValidationException 异常。By default, all values are checked using request validation and if any values contain markup or script, ASP.NET throws an HttpRequestValidationException exception. 如果预计请求将包含标记 (例如,你允许用户发布包含标记) 的内容,并且你想要获取请求的原始值,请使用此方法。Use this method if you anticipate that the request will contain markup (for example, you are allowing users to post content that contains markup) and you want to get the raw value of a request.

重要

如果使用此属性,则必须手动检查数据是否存在潜在的跨站点脚本攻击。If you use this property, you must manually check the data for potential cross-site scripting attacks.

适用于

另请参阅