Request Validation - Preventing Script Attacks
Request validation, a feature new in ASP.NET 1.1, stops the server from accepting request content that contains un-encoded HTML. It is designed to help prevent some script-injection attacks, in which client-side script or HTML is unknowingly submitted to a server, stored, and later presented to other users. It is a safety net, not a substitute for input handling: you should still validate all input data and HTML encode it when it is rendered.
The .NET Framework 1.1 applies this protection automatically. Script injection is a form of attack where somebody submits script in a form variable (or in the query string) hoping to compromise your website. The automatic protection is a little rough: it rejects the request with the error "A potentially dangerous Request.Form value was detected from the client" even when harmless HTML tags such as <b> or <p> are submitted.
You can turn off the protection for a single page, which is the preferred option when only one page legitimately accepts markup, by inserting this directive at the top of that page:
<%@ Page validateRequest="false" %>
Or you can turn it off for the entire website in the web.config file:
<configuration>
  <system.web>
    <pages validateRequest="false" />
  </system.web>
</configuration>
Disabling it site-wide means every page, including ones written later by someone who assumes the check is still on, will accept raw markup. Prefer the per-page directive, and on any page where validation is off, treat the posted text as untrusted: enforce your own validation rules and HTML encode the value wherever it is written back into a response.
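The following is an added example, not code from the original article, showing the recommended pattern: request validation is disabled for one page only, and the value that page accepts is HTML encoded with HttpUtility.HtmlEncode before it is rendered. The page name, the CommentPage class and the control IDs CommentBox, Submit and Preview are assumptions for the illustration; the markup and code-behind follow the ASP.NET 1.1 Codebehind style the article targets.

```csharp
// Comment.aspx (ASP.NET 1.1 style; names are assumptions for this example):
//
// <%@ Page Language="C#" validateRequest="false"
//          Codebehind="Comment.aspx.cs" Inherits="CommentPage" %>
// <html><body>
// <form id="form1" method="post" runat="server">
//   <asp:TextBox ID="CommentBox" TextMode="MultiLine" runat="server" />
//   <asp:Button  ID="Submit" Text="Post" runat="server" OnClick="Submit_Click" />
//   <asp:Literal ID="Preview" runat="server" />
// </form>
// </body></html>

// Comment.aspx.cs
using System;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

public class CommentPage : Page
{
    // Declared as protected fields so the page's controls bind to them (1.1 style).
    protected TextBox CommentBox;
    protected Button Submit;
    protected Literal Preview;

    protected void Submit_Click(object sender, EventArgs e)
    {
        // validateRequest="false" means this text can contain anything the
        // client sent, including <script> tags, so treat it as untrusted.
        string raw = CommentBox.Text;

        // Validate on the server. The length limit stands in for whatever
        // rules the application really needs (allowed tags, format, etc.).
        if (raw == null || raw.Length == 0 || raw.Length > 2000)
        {
            Preview.Text = "Comment must be between 1 and 2000 characters.";
            return;
        }

        // UNSAFE (do not do this): Preview.Text = raw;
        // With validation off, "<script>alert(1)</script>" would be rendered
        // as markup and executed in every visitor's browser.

        // SAFE: encode before rendering. '<' becomes "&lt;", '>' becomes
        // "&gt;", '&' becomes "&amp;" and '"' becomes "&quot;", so the
        // submitted text is displayed literally instead of interpreted.
        Preview.Text = HttpUtility.HtmlEncode(raw);
    }
}
```

The same encoding must be applied when the stored comment is later read back from a database and displayed on another page; request validation and HtmlEncode protect the input and output sides respectively, and only the output-side encoding prevents stored markup from executing.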