locked
A potentially dangerous Request.Path value was detected from the client (<). RRS feed

  • Question

  • User-1256377279 posted

    Hi Guys,

    I am get below error, I have add below line but still is giving the error

     <pages maintainScrollPositionOnPostBack="true" enableEventValidation="true"  validateRequest="false"  />

     <httpRuntime requestValidationMode="2.0"  requestPathInvalidCharacters="&lt;" /> 

    Server Error in '/CMS2012' Application.


    A potentially dangerous Request.Path value was detected from the client (<).

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (<).

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.


    Stack Trace:

    [HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (<).]
       System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +9023321
       System.Web.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +35
       System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +184
    



    Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.272 

    <!-- [HttpException]: A potentially dangerous Request.Path value was detected from the client (<). at System.Web.HttpRequest.ValidateInputIfRequiredByConfig() at System.Web.HttpApplication.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) --><!-- This error page might contain sensitive information because ASP.NET is configured to show verbose error messages using <customErrors mode="Off"/>. Consider using <customErrors mode="On"/> or <customErrors mode="RemoteOnly"/> in production environments.-->

    Thanks in Advance

    Shabbir

    Tuesday, March 19, 2013 1:28 PM

Answers

  • User-166373564 posted

    Hi shabbir

    A potentially dangerous Request.Path value was detected from the client (<).

    I think you could refer the article below to learn how to remove characters to avoid .NET Request Validation Error - A potentially dangerous Request.Path value was detected from the client,

    How to remove characters to avoid .NET Request Validation Error

    hope it helpful for you to troubleshoot,

    With regards

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, March 25, 2013 5:21 AM

All replies

  • User2013176261 posted

    While you could try these settings in config file

    <system.web>
        <httpRuntime requestPathInvalidCharacters="" requestValidationMode="2.0" />
        <pages validateRequest="false" />
    </system.web>


    I would avoid using characters like '<' in URL path replacing them with underscores.

    Edit: taken from http://stackoverflow.com/questions/6025522/getting-a-potentially-dangerous-request-path-value-was-detected-from-the-client.

    Tuesday, March 19, 2013 1:32 PM
  • User-1256377279 posted

    Thanks for the reply but it display below error

    Illegal characters in path.

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.ArgumentException: Illegal characters in path.

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.


    Stack Trace:

    [ArgumentException: Illegal characters in path.]
       System.IO.Path.CheckInvalidPathChars(String path) +126
       System.IO.Path.Combine(String path1, String path2) +38
       System.Web.Compilation.DiskBuildResultCache.GetPreservedDataFileName(String cacheKey) +27
       System.Web.Compilation.DiskBuildResultCache.GetBuildResult(String cacheKey, VirtualPath virtualPath, Int64 hashCode, Boolean ensureIsUpToDate) +14
       System.Web.Compilation.BuildManager.GetBuildResultFromCacheInternal(String cacheKey, Boolean keyFromVPP, VirtualPath virtualPath, Int64 hashCode, Boolean ensureIsUpToDate) +200
       System.Web.Compilation.BuildManager.GetVPathBuildResultFromCacheInternal(VirtualPath virtualPath, Boolean ensureIsUpToDate) +51
       System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate) +68
       System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate) +111
       System.Web.Compilation.BuildManager.GetVirtualPathObjectFactory(VirtualPath virtualPath, HttpContext context, Boolean allowCrossApp, Boolean throwIfNotFound) +125
       System.Web.Compilation.BuildManager.CreateInstanceFromVirtualPath(VirtualPath virtualPath, Type requiredBaseType, HttpContext context, Boolean allowCrossApp) +52
       System.Web.UI.PageHandlerFactory.GetHandlerHelper(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath) +31
       System.Web.UI.PageHandlerFactory.System.Web.IHttpHandlerFactory2.GetHandler(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath) +40
       System.Web.HttpApplication.MapHttpHandler(HttpContext context, String requestType, VirtualPath path, String pathTranslated, Boolean useAppConfig) +167
       System.Web.MapHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +128
       System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +184
    
    Tuesday, March 19, 2013 1:36 PM
  • User-166373564 posted

    Hi shabbir

    A potentially dangerous Request.Path value was detected from the client (<).

    I think you could refer the article below to learn how to remove characters to avoid .NET Request Validation Error - A potentially dangerous Request.Path value was detected from the client,

    How to remove characters to avoid .NET Request Validation Error

    hope it helpful for you to troubleshoot,

    With regards

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, March 25, 2013 5:21 AM
  • User-1768369891 posted

    place in your where you want to procees html

    validateRequest="false"

    becoz sever validate your reqest and not grant to access. Detect as harmful script  

    Monday, March 25, 2013 5:44 AM