A potentially dangerous Request.Path

Plateforme Level Extreme

Abonnement

Profil corporatif

Produits & Services

Support

Légal

English

A potentially dangerous Request.Path

Message

01/09/2011 08:28:40

Michel Fournier
Level Extreme Inc.
Petit-Rocher, Nouveau-Brunswick, Canada

Tous

Information générale

Forum:

ASP.NET

Catégorie:

Autre

Titre:

A potentially dangerous Request.Path

Versions des environnements

Environment:

VB 9.0

OS:

Windows 7

Network:

Windows 2003 Server

Database:

MS SQL Server

Application:

Web

Divers

Thread ID:

01522446

Message ID:

01522446

Vues:

195

If someone only enters something like this:

http://www.mydomain.exe/&

This will generate an IIS error such as:

A potentially dangerous Request.Path value was detected from the client (&).

The strack trace gives:

[HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (&).]
System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +11481611
System.Web.PipelineStepManager.ValidateHelper(HttpContext context) +184

I am tring to intercept that so it will not end up in the Event Viewer. So, this will make less things to check for in the Event Viewer and would avoid writing entries for nothing.

Basically, if that situation occurs, I would like to take control over it.

I try putting something in:

Sub Application_PreRequestHandlerExecute(ByVal sender As Object, ByVal e As EventArgs)

But, this does not even reach that yet. IIS blocks it right away. What can I do to handle the situation?

Michel Fournier
Level Extreme Inc.
Designer, architect, owner of the Level Extreme Platform
Subscribe to the site at https://www.levelextreme.com/Home/DataEntry?Activator=55&NoStore=303
Subscription benefits https://www.levelextreme.com/Home/ViewPage?Activator=7&ID=52

Répondre

Fil

Voir

Click here to load this message in the networking platform