A potentially dangerous Request.Path value was detected from the client 异常
2010-06-29 10:58
375 查看
我们在ASP.net 4.0 中使用URL导向后, 我们在访问类似如下的地址时 http://wz.csdn.net/yanjinde77/一个面试题!********/,就会报错误:
A potentially dangerous Request.Path value was detected from the client at System.Web.HttpRequest.ValidateInputIfRequiredByConfig() at System.Web.HttpApplication.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) 这是因为上述地址中有*这个特殊字符存在。 如果你想不让ASP.net 替你拦截这些特殊字符,你需要设置如下Web.config的节:
注意其中的requestPathInvalidCharacters 它是一个以逗号分隔的无效字符列表。不设置它时,它默认的无效字符集(以,分割)是后面7个:<,>,*,%,&,:,\
即,不设置这个属性,默认就是如下设置:
如果你想这些字符全部不受限制,就应该设置 requestPathInvalidCharacters="" , 如果是部分字符受限制,部分字符不受限制,就需要在 requestPathInvalidCharacters 中设置需要受限制的字符,不受限制的不用设置。
参考资料:
Experiments in Wackiness: Allowing percents, angle-brackets, and other naughty things in the ASP.NET/IIS Request URL
http://www.budoou.com/article/981320/
A potentially dangerous Request.Path value was detected from the client at System.Web.HttpRequest.ValidateInputIfRequiredByConfig() at System.Web.HttpApplication.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) 这是因为上述地址中有*这个特殊字符存在。 如果你想不让ASP.net 替你拦截这些特殊字符,你需要设置如下Web.config的节:
<?xml version="1.0"?> <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"> <system.web> <httpRuntime requestPathInvalidCharacters="" /> </system.web> </configuration>
注意其中的requestPathInvalidCharacters 它是一个以逗号分隔的无效字符列表。不设置它时,它默认的无效字符集(以,分割)是后面7个:<,>,*,%,&,:,\
即,不设置这个属性,默认就是如下设置:
<?xml version="1.0"?> <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"> <system.web> <httpRuntime requestPathInvalidCharacters="<,>,*,%,:,&,\" /> </system.web> </configuration>
如果你想这些字符全部不受限制,就应该设置 requestPathInvalidCharacters="" , 如果是部分字符受限制,部分字符不受限制,就需要在 requestPathInvalidCharacters 中设置需要受限制的字符,不受限制的不用设置。
参考资料:
Experiments in Wackiness: Allowing percents, angle-brackets, and other naughty things in the ASP.NET/IIS Request URL
http://www.budoou.com/article/981320/
相关文章推荐
- A potentially dangerous Request.Path value was detected from the client 异常
- A potentially dangerous Request.Path value was detected from the client 异常
- A potentially dangerous Request.Path value was detected from the client 异常
- A potentially dangerous Request.Path value was detected from the client异常解决方案
- A potentially dangerous Request.Path value was detected from the client 异常
- A potentially dangerous Request.Path value was detected from the client异常解决方案
- A potentially dangerous Request.Path value was detected from the client 异常
- A potentially dangerous Request.Path value was detected from the client 异常
- MVC 请求参数中带有HTML会引发Validation异常 ("A potentially dangerous Request.Form value was detected from the client")
- 解决.Net 4.0 A potentially dangerous Request.Form value was detected from the client 异常
- 解决.Net 4.0 A potentially dangerous Request.Form value was detected from the client 异常
- 【asp.net mvc】A potentially dangerous Request.Path value was detected from the client(检测到客户端有潜在危险的Request.Path值)
- A potentially dangerous Request.Form value was detected from the client
- A potentially dangerous Request.Form value was detected from the client
- A potentially dangerous Request.Form value was detected from the client
- 尝试获取Cookie时出现的错误提示:"A potentially dangerous Request.Cookies value was detected from the client:
- A potentially dangerous Request.Form value was detected from the client 的处理
- A potentially dangerous Request.Form value was detected from the client
- A potentially dangerous Request.Form value was detected from the client
- A potentially dangerous Request.Form value was detected from the client