We have interface names (returned via SNMP) that contain the "<" character. 

When we go into the NFA Administration GUI and attempt to edit an Interface Group, the following error is received:

Server Error in '/RA' Application.
A potentially dangerous Request.Form value was detected from the client (ctl00_ContentPlaceHolder1_ManageGroups1_ctl01__dualList_left_hf="...IRCUIT ID <XXXXXX350nullCA...").
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.

Exception Details: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (ctl00_ContentPlaceHolder1_ManageGroups1_ctl01__dualList_left_hf="...IRCUIT ID <XXXXXX350nullCA...").

Source Error:


[No relevant source lines]


Source File: c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\ra\7c6a3de9\d51482d2\App_Web_nuajrv_f.19.cs Line: 0

Stack Trace:


[HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client (ctl00_ContentPlaceHolder1_ManageGroups1_ctl01__dualList_left_hf="...IRCUIT ID <XXXXXX350nullCA...").]
System.Web.HttpRequest.ValidateString(String s, String valueName, String collectionName) +8817730
System.Web.HttpRequest.ValidateNameValueCollection(NameValueCollection nvc, String collectionName) +111
System.Web.HttpRequest.get_Form() +129
System.Web.UI.Page.GetCollectionBasedOnMethod(Boolean dontReturnNull) +114
System.Web.UI.Page.DeterminePostBackMode() +63
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6785
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +242
System.Web.UI.Page.ProcessRequest() +80
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +21
System.Web.UI.Page.ProcessRequest(HttpContext context) +49
ASP.admin_manageinterfacegroups_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\ra\7c6a3de9\d51482d2\App_Web_nuajrv_f.19.cs:0
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +181
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75


Version Information: Microsoft .NET Framework Version:2.0.50727.8009; ASP.NET Version:2.0.50727.8015

Defect DE257788 was created for issues in NFA 9.3.x when interface names contain the "<" or ">" characters.