Solved

A potentially dangerous Request.Path value was detected from the client (&).

Posted on 2013-02-06
4
866 Views
Last Modified: 2013-04-03
I've looked this error up and tried fixing it for quite a while but am still stuck.

My .NET app, passes a filepath name to a Javascript function that I created, which then passes the path to a Flash audio player to play MP3s.  This works fine except for when there is an ampersand in the file path.  

After reading, I learned to try adding the following to my page directive:  ValidateRequest="false"
This didn't work, so I tried adding it globally in web.config, like so:
    <httpRuntime requestValidationMode="2.0"/>
    <pages validateRequest="false" />

That didn't work either.

Any ideas?

For testing, I was just trying to play the MP3 from my browser by typing in the URL, like so:
www.mysite.com/audio_folder/albums/Jack & Jill/Song123.mp3

This gives me the dangerous request path error.
0
Comment
Question by:Xbradders
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 27

Assisted Solution

by:nmarun
nmarun earned 125 total points
ID: 38862326
Try this:

<httpRuntime requestPathInvalidChars="&lt;,&gt;,*,%,:,\,?" />

Arun
0
 
LVL 27

Expert Comment

by:nmarun
ID: 38862328
0
 
LVL 26

Accepted Solution

by:
Alan Warren earned 125 total points
ID: 38862551
Have you tried passing an HtmlEncoded File path to the JavaScript function?
Server.HtmlEncode("strFilePath")

Alan
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 125 total points
ID: 38863033
'&' is supposed to be used as a query string separator and spaces are supposed to be urlencoded as '%20'.  While they may be valid on your machine, they are trouble on the web.  I always remove spaces from filenames and paths and would not use an '&' in them either.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As a database administrator, you may need to audit your table(s) to determine whether the data types are optimal for your real-world data needs.  This Article is intended to be a resource for such a task. Preface The other day, I was involved …
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question