After migrating CRM 4.0 to CRM 2011, CRM is throwing an exception : A potentially dangerous Request.Form value was detected from the client

I recently observed a scenario where a CRM 4.0 database was upgreaded to CRM 2011 and after upgrade process uses were not able to perform any kind of operation within CRM. The exception that we found was :

A potentially dangerous Request.Form value was detected from the client (crmFormSubmitXml=”<iteasy_postcode><it…”).;Hash=’1073421037′

This is because ASP.Net 4.0 now has a different behvaior and it inspects all request data. Rather that being the cookies, urls, headers, etc. This behavior is controlled by RequestValidationMode property.
Now to override this behavior for CRM 2011, all you need to do is set <httpRuntime requestValidationMode=”2.0″ /> in your web.config. This setting will enforce request validation in .Net 2.0 mode i.e. only Form’s input fields are checked for invalid HTML input.

Leave a Reply

Your email address will not be published. Required fields are marked *