A potentially dangerous Request.Path value was detected from the client (&).

I've looked this error up and tried fixing it for quite a while but am still stuck.

My .NET app, passes a filepath name to a Javascript function that I created, which then passes the path to a Flash audio player to play MP3s.  This works fine except for when there is an ampersand in the file path.  

After reading, I learned to try adding the following to my page directive:  ValidateRequest="false"
This didn't work, so I tried adding it globally in web.config, like so:
    <httpRuntime requestValidationMode="2.0"/>
    <pages validateRequest="false" />

That didn't work either.

Any ideas?

For testing, I was just trying to play the MP3 from my browser by typing in the URL, like so:
www.mysite.com/audio_folder/albums/Jack & Jill/Song123.mp3

This gives me the dangerous request path error.
XbraddersAsked:
Who is Participating?
 
Alan WarrenConnect With a Mentor Applications DeveloperCommented:
Have you tried passing an HtmlEncoded File path to the JavaScript function?
Server.HtmlEncode("strFilePath")

Alan
0
 
nmarunConnect With a Mentor Commented:
Try this:

<httpRuntime requestPathInvalidChars="&lt;,&gt;,*,%,:,\,?" />

Arun
0
 
nmarunCommented:
0
 
Dave BaldwinConnect With a Mentor Fixer of ProblemsCommented:
'&' is supposed to be used as a query string separator and spaces are supposed to be urlencoded as '%20'.  While they may be valid on your machine, they are trouble on the web.  I always remove spaces from filenames and paths and would not use an '&' in them either.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.