Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
A potentially dangerous Request.Path
Message
De
01/09/2011 12:06:07
Michel Fournier
Level Extreme Inc.
Petit-Rocher, Nouveau-Brunswick, Canada
 
 
À
01/09/2011 11:08:39
Viv Phillips
Hay-On-Wye, Royaume Uni
Information générale
Forum:
ASP.NET
Catégorie:
Autre
Titre:
Re: A potentially dangerous Request.Path
Versions des environnements
Environment:
VB 9.0
OS:
Windows 7
Network:
Windows 2003 Server
Database:
MS SQL Server
Application:
Web
Divers
Thread ID:
01522446
Message ID:
01522495
Vues:
28
I did add the following in Web.Config in the httpRunTime tag:

requestValidationType="Framework.Framework.CustomRequestValidation,Framework"

I verified that it is using it. If I change the namespace to something else or the assembly name to something else, IIS will report the error. So, this is the proper syntax.

Just to be sure it would go in it, I simply entered a redirect command at first:
    Public Class CustomRequestValidation
        Inherits System.Web.Util.RequestValidator

        Protected Overloads Overrides Function IsValidRequestString(ByVal context As HttpContext, ByVal value As String, _
         ByVal requestValidationSource__1 As System.Web.Util.RequestValidationSource, ByVal collectionKey As String, _
         ByRef validationFailureIndex As Integer) As Boolean

            HttpContext.Current.Response.Redirect("Default.aspx")
But, I still have the error.

The redirection does not take place. So, it seems the IIS still has priority over this code and shows me the standard "A potentially dangerous Request.Path value was detected from the client (&)." message.
Michel Fournier
Level Extreme Inc.
Designer, architect, owner of the Level Extreme Platform
Subscribe to the site at https://www.levelextreme.com/Home/DataEntry?Activator=55&NoStore=303
Subscription benefits https://www.levelextreme.com/Home/ViewPage?Activator=7&ID=52
Précédent
Suivant
Répondre
Fil
Voir

Click here to load this message in the networking platform