How to Edit .aspx page and Save in asp.net on button click using c#?

Question

I a list of .aspx page which is in DropdownList that are from Application Root Directory. I am showing the Whole .aspx Page content in RichTextBox for Editing. But, When i click on Save Button it shows Error:A potentially dangerous Request.Form value was detected from the client (ctl00$MainContent$TextBox1="...xt" %>

Sample Code here:

<asp:TextBox ID="TextBox1" runat="server" Height="314px" TextMode="MultiLine" 
        Width="771px"></asp:TextBox>

<asp:Button ID="BtnSaveContent" runat="server" onclick="BtnSaveContent_Click" 
        Text="Save Content" />

In .aspx.cs file:
private void GetFilesNames()
    {


        TextReader tr = new StreamReader(Server.MapPath("") + "/CopyText.aspx");
        TextBox1.Text = tr.ReadToEnd();
        // close the stream
        tr.Close();
    }


    protected void BtnSaveContent_Click(object sender, EventArgs e)
    {
        WritetoFile();
    }

    private void WritetoFile()
    {
        TextWriter tw = new StreamWriter(Server.MapPath("") + "/CopyText.aspx");

        // write a line of text to the file
        tw.WriteLine(TextBox1.Text);

        // close the stream
        tw.Close();
    }

Page Header:

<%@ Page Title="" Language="C#" MasterPageFile="~/Site.master" AutoEventWireup="true" validateRequest="false" CodeFile="CopyText.aspx.cs" Inherits="CopyText" %>

<%@ Page Title="Home Page" Language="C#" MasterPageFile="~/Site.master" AutoEventWireup="true" validateRequest = false
    CodeFile="Default.aspx.cs" Inherits="_Default" %>

i have also tried validateRequest="false" at page level and control level. but doesn't work! Any Idea to resolve this error? Help appreciated!

Answer 1

You're correct that you need validateRequest = false.

BUT if this is .Net 4.0 you also need to add requestValidationMode="2.0" to the httpRuntime configuration section of the web.config:

<system.web>
  <httpRuntime requestValidationMode="2.0"/>
</system.web>