Getting “A potentially dangerous Request.Path valu

2019-06-24 07:30发布

I have a REST Service and when I try and make a call to an item that has a & in it's name, I get the above error, which would make sense if I was not encoded the &

So this would be my call:

http://localhost:57851/myService/Servers/myServer/Repositories/myRepository/Models/Mine%26Yours

You can see "Mine&Yours" has been encoded as "Mine%26Yours" so should be safe.

But the request is being picked up as though I'd not encoded it.

Any ideas?

Edit:

This is not the same as (Getting "A potentially dangerous Request.Path value was detected from the client (&)")

1条回答
手持菜刀,她持情操
2楼-- · 2019-06-24 07:55

It makes no difference to ASP.NET whether you encode the & symbol or not. See this answer: https://stackoverflow.com/a/12037000/134761

To allow special characters in your URL path you should modify the requestPathInvalidCharacters parameter in web.config like this:

<httpRuntime requestPathInvalidCharacters="" />

Or if you want to only allow & but disallow all other special chars:

<httpRuntime requestPathInvalidCharacters="&lt;,&gt;,*,%,\"/>
查看更多
登录 后发表回答