Error: A potentially dangerous Request.Form value was detected from the client (4266503)

When using the Active Roles Web Interface, the following error is displayed when attempting to save changes:

Error: A potentially dangerous Request.Form value was detected from the client

An attribute value in the submitted request contains data that is being observed as potentially malicious code by the Web Interface site.

For example:

The Active Roles Server Web Interface is customized to show the comment attribute, which contains a user's Password Manager profile information stored in XML format. Even if this particular value is not being updated, the web interface will submit it as part of the update request along with any other values being updated on the web page. The site sees the XML and produces the error.

This issue can also be caused by having Cross-Site Scripting validation for the Web Interface enabled or Anti Forgery is enabled when attempting to create a mailbox share.

Workaround 1

Remove the customization exposing the attribute which contains the suspect value.

Workaround 2

Add the attribute to the IgnoreForValidation key in the affected site's web.config file.

1. Navigate to the Web.Config file, under Program Files\One Identity\Active Roles\x.x\Web\Public
2. Backup the Web.Config file before making any changes
3. Add the attribute called comment to the IgnoreForValidation key. 
4. Set the value for EnableAntiForgery, and EnableRequestValidation to value="false"
5. Edit each Active Roles Web Interface Web.Config file if more then one server has the Web Interface installed
6. Perform an IISRESET