I'm getting random exception caused by ValidateInputIfRequiredByConfig().
I don't have exact message, since our server is pt-BR, so error message is translated.
I know that this error can be thrown if user puts malicious code in input, ie example. But it's not case here.
I'm getting this one, requesting some images. Below some info from elmah.
HTTP_USER_AGENT: GbPlugin
PATH_INFO: /Content/images/BannerWelcome.jpg?1110311762734
PATH_TRANSLATED: C:\inetpub\wwwroot\Content\images\BannerWelcome.jpg?1110311762734
REQUEST_METHOD: GET
SCRIPT_NAME: /Content/images/BannerWelcome.jpg?1110311762734
Application is ASP.NET MVC 3, running on Windows 2008, IIS 7.5
EDIT:
Exception message in pt-BR:
System.Web.HttpException
Um valor possivelmente perigoso Request.Path foi detectado no cliente (?).
System.Web.HttpException (0x80004005): Um valor possivelmente perigoso Request.Path foi detectado no cliente (?).
em System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
em System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)
EDIT:
Exception message in English: "A potentially dangerous value was detected from the client Request.Path"
EDIT 2:
I can't reproduce this error. As I know it is just in request to this image.
<pages validateRequest="false" />
does not work in MVC3.
1) You have to explicitly put [ValidateRequest(false)] on each controller or action
2) If you use .NET4 this is not sufficient as there is a "bug/feature" in .NET4 which prevent [ValidateInput(false)] to work. You have to also disable requestPathInvalidCharacters,validateRequest and requestFiltering by using requestValidationMode of 2.0 :
<httpRuntime requestValidationMode="2.0" requestPathInvalidCharacters="" />
I made three changes to solve this issue:
1)
<system.web>
<httpRuntime requestValidationMode="2.0" requestPathInvalidCharacters="" />
</system.web>
2)
<system.webServer>
<security> <requestFiltering allowDoubleEscaping="true" /> </security>
</system.webServer>
3) <pages validateRequest="false" />
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With