I am looking into installing the ASP.NET forum on my site. As with almost anything these days, I notice it doesn't allow html in text fields. The .NET framework (1.1) crashes with an error:<BR>A potentially dangerous Request.Form value was detected from the client (Createeditpost1:PostForm:PostBody="<img src=""> "). <BR><BR>Personally, I feel it is horrible for your application to crash, even if this is for protection. I know you can disable validaterequest but have been warned of the security problems involved. <BR><BR>I would like to know your opinion. Should I trust the product and remove this extra protection or should I allow my site to crash whenever anyone tries to enter html or sql in a text box in the forum? I don't really feel like going through thousands of lines of code to figure out if the forum is vulnerable to injection.