A potentially dangerous Request.Path value was detected from the client (:)

Question

User1649736104 posted

Hi Everyone

I'm facing the below error when accessing a URL with 3 forward slash through iis reverse proxy.

Sample URL : http://192.168.0.134/activity/documents.w3p;pioiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961%2F%3Bguid%3Df2e18eef-35cd-4797-8a6d-54e8ab1d0147%3Bclass%3DProject

can someone please help me to resolve this ? we cannot change the URL.

Server Error in '/' Application.

---

A potentially dangerous Request.Path value was detected from the client (:).

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (:).

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (:).] System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +11995904 System.Web.PipelineStepManager.ValidateHelper(HttpContext context) +54

 

---

Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.7.2106.0

Answer 1

User1065476709 posted

Hi mrbot,

Sample URL : Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (:).

After.NET 4.0, if the url contains some special characters, it will occur this error. I did not find the special character ":" in your URL, but I found the special character ";". You can either try to remove the special character and try again, or you can fix this error either by encoding your URL or by modifying your web.config file as:

<system.web>
<httpRuntime requestPathInvalidCharacters="" requestValidationMode="2.0" />
<pages validateRequest="false" />
</system.web>

Best regards,

Sam

Answer 2

User1649736104 posted

Hi Sam,

I have modified web.config as suggested, now i'm getting a bad URL error message.

Bad Request - Invalid URL

---

HTTP Error 400. The request URL is invalid.

We have special character ":" in the URL.

http://192.168.0.134/activity/documents.w3p;pioiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961%2F%3Bguid%3Df2e18eef-35cd-4797-8a6d-54e8ab1d0147%3Bclass%3DProject

the highlighted section refers to dms:///

after updating the web.config with the below changes.

<system.web>

<httpRuntime requestPathInvalidCharacters="" requestValidationMode="2.0" /> <pages validateRequest="false" /> </system.web>

the triple forward slash "///"  in the URL got changed to single forward "/" slash that results the invalid URL.

sample URL below.

http://192.168.0.134/templates/error.w3p;emessage=E10319-AS%3A%20Could%20not%20connect%20to%20object%20with%20oiid%20of%20'dma%3A%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961%2F'

Could not connect to object with oiid of 'dma:/45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961%2F'

Is there an option where we can pass through this URL in IIS without changing the "///" to "/"

Answer 3

User1065476709 posted

Hi mrbot,

We have special character ":" in the URL.

http://192.168.0.134/activity/documents.w3p;pioiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961%2F%3Bguid%3Df2e18eef-35cd-4797-8a6d-54e8ab1d0147%3Bclass%3DProject

In your url, except behind http, I did not find special character ":".

the highlighted section refers to dms:///

The highlighted section of your URL is "dma%3A%2F%2F%2F", I did not find the "dms:///" you referenced.

the triple forward slash "///"  in the URL got changed to single forward "/" slash that results the invalid URL.

Normally, the browser will automatically convert "///" to "/".

Best regards,

Sam

Answer 4

User1649736104 posted

Hi Sam,

The URL is partially encoded one. Below is another sample URL.

1) http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

As per the ASCI encoding this url part

2) dma:///45e6b900-8929-11d4-b772-0050da06bfb4/7bd350da-c9ee-4565-8000-2cbc18041961

was converted as below.

3) http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

when 3rd URL is passed through IIS reverse proxy  %2F%2F%2F is getting replaced as %2F. That's resulting request URL as invalid

is there a way where i can retain the encoding part of URL after http://192.168.0.134/reports/launch.w3p;

when passed through IIS reverse proxy ? Something like 

if the URL contains "roiid=dma" then 

http://192.168.0.134/reports/launch.w3p;{UrlEncode:{roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961}}

and preserve %2F%2F%2F

and Final URL as below ?

http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

Answer 5

User1065476709 posted

Hi mrbot,

1) http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

As per the ASCI encoding this url part

2) dma:///45e6b900-8929-11d4-b772-0050da06bfb4/7bd350da-c9ee-4565-8000-2cbc18041961

was converted as below.

3) http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

when 3rd URL is passed through IIS reverse proxy  %2F%2F%2F is getting replaced as %2F. That's resulting request URL as invalid

is there a way where i can retain the encoding part of URL after http://192.168.0.134/reports/launch.w3p;

when passed through IIS reverse proxy ? Something like 

You can try to use url rewriting. how do you generate such a complicated URL?

Best regards,

Sam

Answer 6

User1649736104 posted

samwu

You can try to use url rewriting. how do you generate such a complicated URL?

i have tried a rule as below,

           

<action type="Rewrite" url="http://192.168.0.134/{UrlEncode:{REQUEST_URI}}" />
            <serverVariables>
                <set name="REQUEST_URI" value="{ENCODED_URL}" />
                <set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
                <set name="HTTP_ACCEPT_ENCODING" value="" />
            </serverVariables>

http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

what happens is everything after the above yellow highlighted part got encoded as below red highlighted.

http://192.168.0.134/%252Freports%252Flaunch.w3p%253Broiid%253Ddma%253A%252F45e6b900-8929-11d4-b772-0050da06bfb4%252F7bd350da-c9ee-4565-8000-2cbc18041961

Is it possible to write a rewrite rule which can retain this "roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961" for the URL ?

Could you please provide me a rule for doing this ?

Answer 7

User1065476709 posted

Hi mrbot,

http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

what happens is everything after the above yellow highlighted part got encoded as below red highlighted.

http://192.168.0.134/%252Freports%252Flaunch.w3p%253Broiid%253Ddma%253A%252F45e6b900-8929-11d4-b772-0050da06bfb4%252F7bd350da-c9ee-4565-8000-2cbc18041961

Is it possible to write a rewrite rule which can retain this "roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961" for the URL ?

You can try this rule:

<rule name="test1" stopProcessing="true">
  <match url="(.*)" />
     <conditions>
       <add input="{HTTP_HOST}" pattern="192.168.0.134" />
       <add input="{REQUEST_URI}" pattern="^/reports/launch.w3p;(.*)$" />
     </conditions>
  <action type="Redirect" url="http://192.168.0.134/{C:1}" />
</rule>

Best regards,

Sam