Request validation is a feature in ASP.NET that protects web applications against potentially malicious content in requests, specifically against cross-site scripting attacks (XSS).

Enable the directive validateRequest in your web.config file:

The following example shows the 'validateRequest' flag set to true in a Web.config file for ASP.NET. This will protect the web application against common XSS attacks:

If validateRequest is set to false , validation is disabled:

MSDN: Request Validation in ASP.NET .

MSDN: Validation ASP.NET Controls .