I am receiving the rather self explanatory error:
A potentially dangerous Request.Path value was detected from the client (*).
The issue is due to *
in the request URL:
https://stackoverflow.com/Search/test*/0/1/10/1
This url is used to populate a search page where 'test*' is the search term and the rest of the url relates to various other filters.
Is there an easy way to allow these special characters in the URL? I've tried modifying the web.config
, to no avail.
Should I manually encode / decode the special characters? Or is there a best practice for doing this, I would like to avoid using query strings. - but it may be an option.
The application itself is a c# asp.net
webforms application that uses routing to produce the nice URL above.
If you're using .NET 4.0 you should be able to allow these urls via the web.config
<system.web>
<httpRuntime
requestPathInvalidCharacters="<,>,%,&,:,\,?" />
</system.web>
Note, I've just removed the asterisk (*), the original default string is:
<httpRuntime
requestPathInvalidCharacters="<,>,*,%,&,:,\,?" />
See this question for more details.