Why ValidateRequest="false" ?

Vote:
 

Hello,

I was taking a look at the Alloy template demo kit and noticed that the attribute validateRequest is set to false in the  node (https://github.com/episerver/AlloyDemoKit/blob/master/src/AlloyDemoKit/Web.config)

While searching this forum and the internet, it seems like in the past there were some compatibility issues between the asp.net validation process and some Episerver functionality.

Has anyone had the chance to validate whether validateRequest="false" is still needed for the latest version of EPiServer? If so, is there any documentation about which are the features affected, would validateRequest be set to true

Thanks in advance for any comments/feedback!

#163170
Oct 19, 2016 7:52
Vote:
 

On publishing as memory we still need this becuase of posting back HTML. But on front-end I can't see any reason.

#163176
Oct 19, 2016 12:02
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.