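Handling the "A potentially dangerous Request.Form value was detected from the client" error
The application was developed on .NET Framework 2.0. Because the framework has since been upgraded to 4.0, and to make the application more secure, I set the application's runtime version to Framework 4.0 in IIS. When I then added site content through the application's back end, the following error page appeared: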
Server Error in '/' Application.
A potentially dangerous Request.Form value was detected from the client (FCKeditor1="...地產開發集團有限公司<br />
<br />
<img...").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0". Example: <httpRuntime requestValidationMode="2.0" />. After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the <pages> configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133.
Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (FCKeditor1="...地產開發集團有限公司<br />
<br />
<img...").
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
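After this error appeared, I checked a number of sources. When the content being edited on a page contains HTML tags or script tags, ASP.NET enables a protection mechanism to guard against injection into the page, and the page throws an "A potentially dangerous Request.Form value was detected from the client" exception. In Framework 2.0, adding the ValidateRequest="false" attribute to the page's <%@ Page %> directive was enough to resolve it, but from Framework 4.0 onward you also need to add <httpRuntime requestValidationMode="2.0"/> to web.config.
Figure: web.config configuration before the error
Figure: web.config after the change that resolved the problem
If web.config has no httpRuntime element, simply add <httpRuntime requestValidationMode="2.0" />.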
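The setting above applies to the whole application. As an added example (not the original post's configuration), the web.config below keeps the 4.0 validation behaviour as the default and relaxes it only for the one page that hosts the rich-text editor; the path admin/AddContent.aspx is a hypothetical placeholder for that page.

```xml
<?xml version="1.0"?>
<configuration>
  <system.web>
    <!-- Application-wide default: keep the 4.0 behaviour, where every
         request is validated before page code runs. -->
    <httpRuntime requestValidationMode="4.0" />
    <pages validateRequest="true" />
  </system.web>

  <!-- Hypothetical path: replace with the single back-end page that
       posts the FCKeditor1 field. Only this page falls back to the 2.0
       validation mode and switches request validation off. -->
  <location path="admin/AddContent.aspx">
    <system.web>
      <httpRuntime requestValidationMode="2.0" />
      <pages validateRequest="false" />
    </system.web>
  </location>
</configuration>
```

With validation off for that page, the FCKeditor1 value reaches the code unchecked, so the page has to check it explicitly, as the error message itself recommends.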