Sitefinity A potentially dangerous Request.Path value was detected from the client (?)

半城伤御伤魂 提交于 2019-12-11 14:12:29

问题


I am using Sitefinity 5.1 and RadGrid in this example.

I have been troubleshooting one of our pages on development server this morning and I have confirmed that it behaves differently on the page with the styling (template) than on the barebones page (no styling, no scripts etc):

  1. The page does not work in Chrome but does work in IE and Firefox
  2. The page on a bare-bones page (no template, header, or anything else) works in IE, Firefox and Chrome

Code used:

Response.Redirect(String.Format("~/services/separation-by-code/managesbyc?id={0}", DateTime.Now.Ticks.ToString()));

I am using ticks to refresh the page before I get there.

Here are some results:

Firefox: seabass.ptagis.org/services/separation-by-code/managesbyc?id=634854696522350585 -> works

Chrome on the bare-bones Sitefinity page: seabass.ptagis.org/services/separation-by-code/managesbyc?id=634854701574768045 -> works

Chrome on the styled page (CSS, Scritps, etc): seabass.ptagis.org/services/%2fservices%2fseparation-by-code%2fmanagesbyc%3fid%3d634854699444302751 -> nope

I get the server error attached below.

I did go through all the steps of setting web.config httprequests = 2.0 and page validations = false. That did not help.

Any help is appreciated.

Server Error in '/' Application. A potentially dangerous Request.Path value was detected from the client (?). Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (?). Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace: [HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (?).]
System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +11494475
System.Web.PipelineStepManager.ValidateHelper(HttpContext context) +184 Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.272


回答1:


If you're using .NET 4.0, you should be able to allow the url containing a question-mark (?) via the web.config

<system.web>
   <httpRuntime requestPathInvalidCharacters="&lt;,&gt;,*,%,&amp;,:,\" />
</system.web>

Note, I've just removed the question-mark (?), the original default string is:

<httpRuntime requestPathInvalidCharacters="&lt;,&gt;,*,%,&amp;,:,\,?" />


来源:https://stackoverflow.com/questions/12843928/sitefinity-a-potentially-dangerous-request-path-value-was-detected-from-the-clie

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!