Solved

A potentially dangerous Request.Path value was detected from the client (&).

Posted on 2013-02-06
4
845 Views
Last Modified: 2013-04-03
I've looked this error up and tried fixing it for quite a while but am still stuck.

My .NET app, passes a filepath name to a Javascript function that I created, which then passes the path to a Flash audio player to play MP3s.  This works fine except for when there is an ampersand in the file path.  

After reading, I learned to try adding the following to my page directive:  ValidateRequest="false"
This didn't work, so I tried adding it globally in web.config, like so:
    <httpRuntime requestValidationMode="2.0"/>
    <pages validateRequest="false" />

That didn't work either.

Any ideas?

For testing, I was just trying to play the MP3 from my browser by typing in the URL, like so:
www.mysite.com/audio_folder/albums/Jack & Jill/Song123.mp3

This gives me the dangerous request path error.
0
Comment
Question by:Xbradders
  • 2
4 Comments
 
LVL 27

Assisted Solution

by:nmarun
nmarun earned 125 total points
ID: 38862326
Try this:

<httpRuntime requestPathInvalidChars="&lt;,&gt;,*,%,:,\,?" />

Arun
0
 
LVL 27

Expert Comment

by:nmarun
ID: 38862328
0
 
LVL 26

Accepted Solution

by:
Alan Warren earned 125 total points
ID: 38862551
Have you tried passing an HtmlEncoded File path to the JavaScript function?
Server.HtmlEncode("strFilePath")

Alan
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 125 total points
ID: 38863033
'&' is supposed to be used as a query string separator and spaces are supposed to be urlencoded as '%20'.  While they may be valid on your machine, they are trouble on the web.  I always remove spaces from filenames and paths and would not use an '&' in them either.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Does the idea of dealing with bits scare or confuse you? Does it seem like a waste of time in an age where we all have terabytes of storage? If so, you're missing out on one of the core tools in every professional programmer's toolbox. Learn how to …
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question