I have a multiple lines textbox that allows the users to enter comments. These comments will be sent via a WCF REST method call to store in the SQL DB. The comment can be empty as well.

here is the exception details that I was able to capture in the error log:

Message: The remote server returned an error: (404) Not Found.

StackTrace:
   at System.Net.HttpWebRequest.GetResponse() 
   at Portal.WebServiceFacade.RESTClient.LeaveManagementCRUDOperations(String employeeId, String companyName, String leaveStartDate, String leaveEndDate, String rejoiningDate, String leaveCode, String comments, String userId, String leavePayment, String isPostedInGP, String availableLeaveBalance, String CRUDParameter) 
   at Portal.WebServiceFacade.LeaveEntityWebService.LeaveManagementSaveOperation(String siteUrl, String employeeId, String companyName, String leaveStartDate, String leaveEndDate, String leaveCode, String comments, String leavePayment, String availableLeaveBalance)

Right now if the comment contains a '/' '\' or a '#' character, it's crashing the REST method.

The UI is a SharePoint custom web part hence we have full control over the code.

How can I achieve this validation upon the submit button click?

Update After Enigmativity's Uri DataEscape Method Solution

I changed the code that creates the Uri as the answer and got the same error. Code and the output shown below:

Code

private const string ParameterUrlStringFormat = "/{0}";
        private const string RESTMethodUriFormat = "{0}/_vti_bin/" + RESTClient.RestServiceName + "/{1}{2}";

private HttpWebRequest CreateWebRequest(string methodName, List<string> parameterCollection)
       {
           StringBuilder parameterUrlStringBuilder = new StringBuilder();

           foreach (string parameter in parameterCollection)
           {
               parameterUrlStringBuilder.Append(string.Format(RESTClient.ParameterUrlStringFormat,
                   Uri.EscapeDataString(parameter)));
           }

           string requestUriString = string.Format(RESTClient.RESTMethodUriFormat, SiteUrl, 
               methodName, parameterUrlStringBuilder.ToString());

           LogHelper.LogULSException("Escaped Uri: " + requestUriString);

           var request = GenerateHttpWebRequest(requestUriString);

           return request;
       } 

The comment was

Testing Parameter DataEscape for / and \ and #

Output in the log:

Debug Message: Escaped Uri: http://my-dev/HR/_vti_bin/PortalRestWcfService.svc/LeaveManagementCRUDOperations/SRK00051/Head%20Office/2015-08-29/2015-08-29/1900-01-01/2/Testing%20Parameter%20DataEscape%20for%20%2F%20and%20%5C%20and%20%23/SRK00051/1/0/52/1

So it appears that you are building your URL using illegal characters. Since you haven't provided any code it is hard to say exactly how you are doing it, but you probably need to escape the characters and not avoid them. You've identified some illegal characters, but there are many more.

Try this:

var safe = Uri.EscapeDataString(@"this/is\some#text")

The value of sale becomes:

this%2Fis%5Csome%23text

You should be able to use that for creating your call.