Friday, 18 October 2024

A potentially dangerous Request.Path value was detected from the client (*)

 

A potentially dangerous Request.Path value was detected from the client (*)

 

I am receiving the rather self explanatory error:

A potentially dangerous Request.Path value was detected from the client (*).

The issue is due to * in the request URL:

https://stackoverflow.com/Search/test*/0/1/10/1
 

If you're using .NET 4.0 you should be able to allow these urls via the web.config

<system.web> <httpRuntime requestPathInvalidCharacters="&lt;,&gt;,%,&amp;,:,\,?" /> </system.web>

Note, I've just removed the asterisk (*), the original default string is:

<httpRuntime requestPathInvalidCharacters="&lt;,&gt;,*,%,&amp;,:,\,?" />

See this question for more details.

 

No comments:

Post a Comment

Note: only a member of this blog may post a comment.

Blog Archive