[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

A potentially dangerous Request.Path value was detected from the client (&).

Posted on 2013-02-06
4
Medium Priority
?
910 Views
Last Modified: 2013-04-03
I've looked this error up and tried fixing it for quite a while but am still stuck.

My .NET app, passes a filepath name to a Javascript function that I created, which then passes the path to a Flash audio player to play MP3s.  This works fine except for when there is an ampersand in the file path.  

After reading, I learned to try adding the following to my page directive:  ValidateRequest="false"
This didn't work, so I tried adding it globally in web.config, like so:
    <httpRuntime requestValidationMode="2.0"/>
    <pages validateRequest="false" />

That didn't work either.

Any ideas?

For testing, I was just trying to play the MP3 from my browser by typing in the URL, like so:
www.mysite.com/audio_folder/albums/Jack & Jill/Song123.mp3

This gives me the dangerous request path error.
0
Comment
Question by:Xbradders
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 27

Assisted Solution

by:nmarun
nmarun earned 500 total points
ID: 38862326
Try this:

<httpRuntime requestPathInvalidChars="&lt;,&gt;,*,%,:,\,?" />

Arun
0
 
LVL 27

Expert Comment

by:nmarun
ID: 38862328
0
 
LVL 26

Accepted Solution

by:
Alan Warren earned 500 total points
ID: 38862551
Have you tried passing an HtmlEncoded File path to the JavaScript function?
Server.HtmlEncode("strFilePath")

Alan
0
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 500 total points
ID: 38863033
'&' is supposed to be used as a query string separator and spaces are supposed to be urlencoded as '%20'.  While they may be valid on your machine, they are trouble on the web.  I always remove spaces from filenames and paths and would not use an '&' in them either.
0

Featured Post

Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By, Vadim Tkachenko. In this article we’ll look at ClickHouse on its one year anniversary.
Backups and Disaster RecoveryIn this post, we’ll look at strategies for backups and disaster recovery.
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question