2012-10-11 87 views
0

在此示例中,我正在使用Sitefinity 5.1和RadGrid。Sitefinity從客戶端(?)檢測到潛在危險的Request.Path值

我一直在排除故障今晨我方開發服務器上的一個網頁,我已經證實,它具有不同的行爲與樣式(模板)在頁面上比準系統頁面(沒有造型,沒有腳本等)上:

  1. 的頁面不在Chrome工作,但確實在IE和Firefox
  2. 一個最基本的網頁(無模板,頭,或其他任何東西)上的頁面工作在IE,Firefox和Chrome

使用的代碼:

Response.Redirect(String.Format("~/services/separation-by-code/managesbyc?id={0}", DateTime.Now.Ticks.ToString())); 

我在使用ticks刷新頁面之前到達那裏。

下面是一些結果:

火狐: seabass.ptagis.org/services/separation-by-code/managesbyc?id=634854696522350585 - >工作

鉻的裸機Sitefinity頁: seabass.ptagis.org/services/separation-by-code/managesbyc?id=634854701574768045 - >的風格頁面(CSS,Scritps等)上工作

鉻: seabass.ptagis.org/services/ %2fservices%2fseparation-by-code%2fmanagesbyc%3fid%3d634854699444302751 - > nope

我得到下面附加的服務器錯誤。

我完成了設置web.config httprequests = 2.0和page validations = false的所有步驟。這沒有幫助。

任何幫助表示讚賞。

Server Error in '/' Application. A potentially dangerous Request.Path value was detected from the client (?). Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (?). Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace: [HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (?).]
System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +11494475
System.Web.PipelineStepManager.ValidateHelper(HttpContext context) +184 Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.272

回答

1

如果你使用.NET 4.0,你應該能夠允許含有問號(?)的URL通過在web.config

<system.web> 
    <httpRuntime requestPathInvalidCharacters="&lt;,&gt;,*,%,&amp;,:,\" /> 
</system.web> 

注意,我我剛刪除了問號(?),原來的默認字符串是:

<httpRuntime requestPathInvalidCharacters="&lt;,&gt;,*,%,&amp;,:,\,?" /> 
+0

你也可以在httpRuntime中使用requestValidationMode =「2.0」 –

相關問題