• Register
0 votes

Problem :

I have got the legacy code issue that requires that I support the random urls as if they were requests for a home page. Some of the URLs have the characters in them that generate the below error 

"A potentially dangerous Request.Path value was detected from the client (&)"

This site is written with the ASP.Net MVC 3 (in C#) and is currently running on IIS 7.5.

Below is an example URL.


Below is how I have my catch-all route setup (I have the other routes to catch specific pages)...

    "Default", // My Route name
    "{garb1}/{garb2}", // My URL with parameters
    new { controller = "Website", action = "Home", garb1 = UrlParameter.Optional, garb2 = UrlParameter.Optional } // Parameter defaults

I have added below things to the web.config file.

        <pages validateRequest="false" />
        <httpRuntime requestValidationMode="2.0" />

I have also Added a ValidateInput attribute to my action that should be catching the urls.

7 5 2
3,870 points

1 Answer

0 votes

Solution :

While you could try below settings in the config file

    <httpRuntime requestPathInvalidCharacters="" requestValidationMode="2.0" />
    <pages validateRequest="false" />

I would avoid using the characters like '&' in my URL path will replace them with underscores.

Hope this will fix your error.

9 7 4
38,600 points

Related questions

0 votes
1 answer 37 views
Problem : I want to send a call using ajax but in Chrome getting following error Failed to load resource: the server responded with a status of 500 (internal server error) But for firefox getting no error. I also tried to record the ajax call in firebug but there is no call request in ... function (msg) { }, error: function (xhr, status, error) { alert(error.responseTextss); } }); }); }); }); }
asked Nov 22, 2019 peterlaw 6.9k points
0 votes
1 answer 33 views
Problem: I am completely new to ASP .net core. I guess it is giving me the dependency injection error as shown below: InvalidOperationException: Unable to resolve service for type 'Spinit ... ) Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore.DatabaseErrorPageMiddleware.Invoke(HttpContext httpContext) Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
asked Aug 17 Raphael Pacheco 4.9k points
0 votes
0 answers 12 views
Problem: I have basic knowledge on ASP.Net and Database Connection. Currently I am receiving the below error if I try to run my code: System.Configuration.ConfigurationErrorsException: 'The configuration section cannot contain a CDATA or text element'. My application ... SSPI;Initial Catalog=TestData" providerName="System.Data.SqlClient"/> Kindly help me in fixing above ASP.Net related error ASAP.
asked Jun 22 Raphael Pacheco 4.9k points
1 vote
1 answer 69 views
Problem : Recently I was told to prepare the C# as I am in pool of new projects. So I have started learning C#. But because of some unknown reason to me now I am facing below error. &ldquo;Make sure that the controller has a parameterless public constructor&rdquo;. As I am very new to C# so I am unable to understand the above error. I need help from someone who can fix the above error.
asked Mar 31 morrisBson 3.2k points
0 votes
1 answer 5 views