{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 时光不老,我们不散 的问题《Sitefinity A potentially dangerous Request.Path va》','https://www.manongdao.com/q-1031614.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am using Sitefinity 5.1 and RadGrid in this example.
I have been troubleshooting one of our pages on development server this morning and I have confirmed that it behaves differently on the page with the styling (template) than on the barebones page (no styling, no scripts etc):
- The page does not work in Chrome but does work in IE and Firefox
- The page on a bare-bones page (no template, header, or anything else) works in IE, Firefox and Chrome
Code used:
Response.Redirect(String.Format("~/services/separation-by-code/managesbyc?id={0}", DateTime.Now.Ticks.ToString()));
I am using ticks to refresh the page before I get there.
Here are some results:
Firefox: seabass.ptagis.org/services/separation-by-code/managesbyc?id=634854696522350585 -> works
Chrome on the bare-bones Sitefinity page: seabass.ptagis.org/services/separation-by-code/managesbyc?id=634854701574768045 -> works
Chrome on the styled page (CSS, Scritps, etc): seabass.ptagis.org/services/%2fservices%2fseparation-by-code%2fmanagesbyc%3fid%3d634854699444302751 -> nope
I get the server error attached below.
I did go through all the steps of setting web.config httprequests = 2.0 and page validations = false. That did not help.
Any help is appreciated.
Server Error in '/' Application. A potentially dangerous Request.Path value was detected from the client (?). Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (?). Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace: [HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (?).]
System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +11494475
System.Web.PipelineStepManager.ValidateHelper(HttpContext context) +184 Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.272
If you're using .NET 4.0, you should be able to allow the url containing a question-mark (?) via the web.config
Note, I've just removed the question-mark (?), the original default string is: