System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (&)

Question

I am receiving this message from a site hosted publicly:

System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (&).

I have read articles about using:

<httpRuntime requestPathInvalidCharacters="" />

Not sure how to incorporate or resolve these type of potential dangerous requests. I may not be understanding something.

Thanks for any help understanding...

James Johnson James Johnson · Accepted Answer · 2011-11-09T18:09:46

Try setting ValidateRequest="false" in the page directive. Depending on what version of ASP.NET you're using, you may also need to add the following web.config setting:

<httpRuntime requestValidationMode="2.0" />

Important Note

By disabling the default request validation, you should be prepared to detect and handle potentially malicious content manually in your logic.

System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (&)

1 Answers