Menu
http://site.com/page%3fcharacter
This URL will return the following error:
Illegal characters in path.
I'm already put this in web.config:
<system.web>
<httpRuntime requestValidationMode="2.0" requestPathInvalidCharacters="" />
<pages validateRequest="false">
...
How can I fix this error?
799
If you want to allow the request through, you need to add requestPathInvalidCharacters and set it to an empty string:
<system.web>
<httpRuntime requestPathInvalidCharacters="" />
</system.web>
Edit You should leave your original question in place, because now my answer does not make sense.
But in answer to your second question, that it's because %3f corresponds to '?' which is not allowed in file names on Windows. You can set the relaxedUrlToFileSystemMapping property to true to change this behaviour:
<system.web>
<httpRuntime requestPathInvalidCharacters=""
relaxedUrlToFileSystemMapping="true" />
</system.web>
You might want to look through all of the properties in the HttpRuntimeSection class to see if there's any others that might apply.
You can also implement a sub class of RequestValidator and set up your web.config to use your subclass (that will presumably allow all URLs through?). Personally, I wouldn't bother and just let the built-in classes handle it. It's unlikely that a normal user is every going to accidentally type in "%3f" in a path, and why bother going to so much trouble to improve the use-case for malicious users?
This, by the way, is actually a new feature in ASP.NET 4, which is why Stack Overflow doesn't spit out an error: it's running on .NET 3.5.
72
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
