从客户端检测到潜在的危险Request.Form值 - A potentially dangerous Request.Form value was detected from the client

问题：

Every time a user posts something containing < or > in a page in my web application, I get this exception thrown. 每次用户在Web应用程序的页面中发布包含<或>时，都会引起此异常。

I don't want to go into the discussion about the smartness of throwing an exception or crashing an entire web application because somebody entered a character in a text box, but I am looking for an elegant way to handle this. 我不想讨论引起异常或崩溃整个Web应用程序的明智性，由于有人在文本框中输入了字符，可是我正在寻找一种优雅的方式来解决这个问题。

Trapping the exception and showing 捕获异常并显示

An error has occurred please go back and re-type your entire form again, but this time please do not use < 发生错误，请返回并从新输入整个表格，可是此次请不要使用<

doesn't seem professional enough to me. 在我看来还不够专业。

Disabling post validation ( validateRequest="false" ) will definitely avoid this error, but it will leave the page vulnerable to a number of attacks. 禁用后验证（ validateRequest="false" ）确定会避免此错误，可是它将使页面容易受到多种攻击。

Ideally: When a post back occurs containing HTML restricted characters, that posted value in the Form collection will be automatically HTML encoded. 理想状况下：当发生包含HTML受限字符的回发时，Form集合中的已发账值将自动进行HTML编码。 So the .Text property of my text-box will be something & lt; html & gt; 所以，个人文本框的.Text属性将是something & lt; html & gt; something & lt; html & gt;

Is there a way I can do this from a handler? 有没有办法能够从处理程序作到这一点？

---

解决方案：

参考一： https://stackoom.com/question/LKR/从客户端检测到潜在的危险Request-Form值
参考二： https://oldbug.net/q/LKR/A-potentially-dangerous-Request-Form-value-was-detected-from-the-client