A potentially dangerous Request.Path value was detected from the client (<).

Question

User-1256377279 posted

Hi Guys,

I am get below error, I have add below line but still is giving the error

 <pages maintainScrollPositionOnPostBack="true" enableEventValidation="true"  validateRequest="false"  />

 <httpRuntime requestValidationMode="2.0"  requestPathInvalidCharacters="&lt;" /> 

Server Error in '/CMS2012' Application.

---

A potentially dangerous Request.Path value was detected from the client (<).

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (<).

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (<).] System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +9023321 System.Web.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +35 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +184

---

Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.272 

<!-- [HttpException]: A potentially dangerous Request.Path value was detected from the client (<). at System.Web.HttpRequest.ValidateInputIfRequiredByConfig() at System.Web.HttpApplication.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) --><!-- This error page might contain sensitive information because ASP.NET is configured to show verbose error messages using <customErrors mode="Off"/>. Consider using <customErrors mode="On"/> or <customErrors mode="RemoteOnly"/> in production environments.-->

Thanks in Advance

Shabbir

Answer 1

User2013176261 posted

While you could try these settings in config file

<system.web>
    <httpRuntime requestPathInvalidCharacters="" requestValidationMode="2.0" />
    <pages validateRequest="false" />
</system.web>

I would avoid using characters like '<' in URL path replacing them with underscores.

Edit: taken from http://stackoverflow.com/questions/6025522/getting-a-potentially-dangerous-request-path-value-was-detected-from-the-client.

Answer 2

User-1256377279 posted

Thanks for the reply but it display below error

Illegal characters in path.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.ArgumentException: Illegal characters in path.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[ArgumentException: Illegal characters in path.] System.IO.Path.CheckInvalidPathChars(String path) +126 System.IO.Path.Combine(String path1, String path2) +38 System.Web.Compilation.DiskBuildResultCache.GetPreservedDataFileName(String cacheKey) +27 System.Web.Compilation.DiskBuildResultCache.GetBuildResult(String cacheKey, VirtualPath virtualPath, Int64 hashCode, Boolean ensureIsUpToDate) +14 System.Web.Compilation.BuildManager.GetBuildResultFromCacheInternal(String cacheKey, Boolean keyFromVPP, VirtualPath virtualPath, Int64 hashCode, Boolean ensureIsUpToDate) +200 System.Web.Compilation.BuildManager.GetVPathBuildResultFromCacheInternal(VirtualPath virtualPath, Boolean ensureIsUpToDate) +51 System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate) +68 System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate) +111 System.Web.Compilation.BuildManager.GetVirtualPathObjectFactory(VirtualPath virtualPath, HttpContext context, Boolean allowCrossApp, Boolean throwIfNotFound) +125 System.Web.Compilation.BuildManager.CreateInstanceFromVirtualPath(VirtualPath virtualPath, Type requiredBaseType, HttpContext context, Boolean allowCrossApp) +52 System.Web.UI.PageHandlerFactory.GetHandlerHelper(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath) +31 System.Web.UI.PageHandlerFactory.System.Web.IHttpHandlerFactory2.GetHandler(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath) +40 System.Web.HttpApplication.MapHttpHandler(HttpContext context, String requestType, VirtualPath path, String pathTranslated, Boolean useAppConfig) +167 System.Web.MapHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +128 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +184

Answer 3

User-166373564 posted

Hi shabbir

A potentially dangerous Request.Path value was detected from the client (<).

I think you could refer the article below to learn how to remove characters to avoid .NET Request Validation Error - A potentially dangerous Request.Path value was detected from the client,

How to remove characters to avoid .NET Request Validation Error

hope it helpful for you to troubleshoot,

With regards

Answer 4

User-1768369891 posted

place in your where you want to procees html

validateRequest="false"

becoz sever validate your reqest and not grant to access. Detect as harmful script