A potentially dangerous Request.Path
Message
From: 01/09/2011 10:22:11
To: 01/09/2011 09:53:45
General information
Forum: ASP.NET
Category: Other
Environment versions
Environment: VB 9.0
OS: Windows 7
Network: Windows 2003 Server
Database: MS SQL Server
Application: Web
Miscellaneous
Thread ID: 01522446
Message ID: 01522463
Views: 30
>Again, No.
>As I read it, if you specify your own class derived from System.Web.Util.RequestValidator then you replace the default behaviour (which checks the RequestPathInvalidCharacters property) - although you could still call the base.IsValidRequestString() if it was useful.
>
>FWIW, unless you are yourself creating a request which would violate the default rules I'd leave well alone. If you *are* generating a genuine request that falls foul of the default then use the override to identify and allow it - otherwise just pass the validation operation to the base class.....

Ok, I understand now.

The goal here is to avoid having a situation like http://www.mydomain.com/& logged in the Event Viewer, as this will leave fewer verifications to make.

Thus, I am trying to see if I can adjust the framework to take care of that automatically, and simply redirect to the domain, such as http://www.mydomain.com.

I understand I need to put that somewhere:
<ConfigurationPropertyAttribute("requestValidationType", DefaultValue := "System.Web.Util.RequestValidator")> _
<StringValidatorAttribute(MinLength := )> _
Public Property RequestValidationType As String
	Get
	Set
End Property 
In it, I need to define my own class name to validate. Then, I need to set up the class such as:
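    ' Namespaces for HttpContext, RequestValidator and RequestValidationSource
    Imports System.Web
    Imports System.Web.Util

    Public Class CustomRequestValidation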
        Inherits RequestValidator

        Public Sub New()
        End Sub

        Protected Overloads Overrides Function IsValidRequestString(ByVal context As HttpContext, ByVal value As String, _
         ByVal requestValidationSource__1 As RequestValidationSource, ByVal collectionKey As String, _
         ByRef validationFailureIndex As Integer) As Boolean

            ' Set a default value for the out parameter
            validationFailureIndex = -1

            ' This application does not use RawUrl directly so you can ignore the check
            If requestValidationSource__1 = RequestValidationSource.RawUrl Then
                Return True
            End If

            ' Allow the query-string key data to have a value that is formatted like XML
            If (requestValidationSource__1 = RequestValidationSource.QueryString) AndAlso (collectionKey = "data") Then

                ' The query-string value "<example>1234</example>" is allowed
                If value = "<example>1234</example>" Then
                    validationFailureIndex = -1
                    Return True
                Else

                    ' Leave any further checks to ASP.NET
                    Return MyBase.IsValidRequestString(context, value, requestValidationSource__1, collectionKey, validationFailureIndex)

                End If

            Else

                ' All other HTTP input checks are left to the base ASP.NET implementation.
                Return MyBase.IsValidRequestString(context, value, requestValidationSource__1, collectionKey, validationFailureIndex)

            End If

        End Function

    End Class
...where all the code in it, up until the last Else, would be adjusted to verify for such a possibility and redirect to the domain.

This class can go in my Global.vb. However, I am not sure where to drop the RequestValidationType property section.
Michel Fournier
Level Extreme Inc.
Designer, architect, owner of the Level Extreme Platform
Subscribe to the site at https://www.levelextreme.com/Home/DataEntry?Activator=55&NoStore=303
Subscription benefits https://www.levelextreme.com/Home/ViewPage?Activator=7&ID=52