
Azure websites throw 500 error when there is a colon in the URL

External clients are hitting my Azure website with URLs that contain the colon (:) character. The requests are not valid, but on my old IIS server it would give a 404 error. On Azure, the same URL will give a 500 error. This wastes my time, as I have to check the logs. This is an example of a request:

http://www.example.com/http:/www.example.com

Is there any way of avoiding this behaviour on the server side, and give 4xx error instead? Keep in mind, this problem is on Azure only, and I do not control the requests.

asked Dec 10 '15 08:12

Magne Rekdal


1 Answer

If you are running a .NET application, then this is caused by ASP.NET HTTP runtime, more specifically by its request filtering feature.

If the URL path contains any of the disallowed characters (<,>,*,%,&,:,\,?), the runtime throws an exception, and because of that exception IIS returns error code 500.

System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (:).

You can configure disallowed characters in your web.config file.

<system.web>
    <httpRuntime targetFramework="4.5" requestPathInvalidCharacters="*,%" />
</system.web>

But I would be careful, because there might be some security implications of such a change.

answered Oct 28 '22 17:10

Lukas Kabrt
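
An added example, not part of the answer above and not ASP.NET code: a Python script that splits the 500s in an IIS W3C log into those whose path contains a character from the `requestPathInvalidCharacters` list and those that still need a look, and lists which characters the answer's relaxed `*,%` value would stop rejecting. The log lines are constructed, and the function names and the log field layout are assumptions.

```python
# Added example. Character lists come from the answer; everything else is assumed.
DEFAULT_INVALID = r"<,>,*,%,&,:,\,?"   # disallowed characters quoted in the answer
RELAXED_INVALID = "*,%"                # value used in the answer's web.config

# Constructed sample in W3C extended log format (not real traffic).
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query sc-status
2015-12-10 08:12:01 GET /http:/www.example.com - 500
2015-12-10 08:12:05 GET /orders/42 - 500
2015-12-10 08:12:09 GET /index.html - 200
2015-12-10 08:12:12 GET /a<b - 500
""".splitlines()

def invalid_chars(setting):
    """Turn the comma-separated setting into a set of characters."""
    return {c for c in setting.split(",") if c}

def offending(path, setting):
    """Characters in the path that the given setting rejects."""
    return sorted(invalid_chars(setting) & set(path))

def parse_w3c(lines):
    """Yield one dict per log entry, keyed by the names in the #Fields header."""
    fields = []
    for line in lines:
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):   # skip truncated entries
                yield dict(zip(fields, values))

def triage_500s(lines, setting=DEFAULT_INVALID):
    """Return (request-filter 500s, other 500s) as lists of (path, characters)."""
    filtered, other = [], []
    for row in parse_w3c(lines):
        if row.get("sc-status") != "500":
            continue
        path = row.get("cs-uri-stem", "")
        hits = offending(path, setting)
        (filtered if hits else other).append((path, hits))
    return filtered, other

def newly_allowed(old=DEFAULT_INVALID, new=RELAXED_INVALID):
    """Characters rejected under the old setting but accepted under the new one."""
    return sorted(invalid_chars(old) - invalid_chars(new))

if __name__ == "__main__":
    filtered, other = triage_500s(SAMPLE_LOG)
    print("request-filter 500s:", filtered)
    print("other 500s:", other)
    print("relaxed setting stops rejecting:", newly_allowed())
```

The `newly_allowed()` result is the set of characters whose handling in routing, file access and output encoding should be reviewed before the relaxed value is deployed.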