如何在ASP.NET WebAPI中覆盖RequestValidation [英] How do I override RequestValidation in ASP.NET WebAPI

问题描述

我在包含危险字符"作为Web API URL一部分的请求时遇到了问题.网址包括&正确地进行了网址编码，但仍会导致请求验证ASP.NET错误.

I'm having problems with requests that include 'dangerous characters' as part of a Web API URL. The Url includes an & which is properly Url encoded, but still causes a Request Validation ASP.NET error.

与MVC不同，似乎没有[ValidateInput(false)]属性可以强制和禁用此功能.

Unlike MVC there appears to be no [ValidateInput(false)] attribute to force and disable this functionality.

推荐答案

答案是使用以下方法在web.config中做到这一点:

Turns out the answer is to do this in web.config using:

<system.web>
  <httpRuntime requestPathInvalidCharacters="" />  
</system.web>

您可以在全局或子目录级别进行设置.您可以利用< location path ="> 元素仅在某些路径下指定此设置.例如，如果受影响的Web API路由位于 api/images 下面，则可以执行以下操作:

You can set this globally or at the sub-directory level. You can leverage the <location path=""> element to specify this setting only underneath certain paths. For example, if your Web API route that was affected lived underneath api/images you could do the following:

<location path="api/images">
  <system.web>
    <httpRuntime requestPathInvalidCharacters="" />  
  </system.web>
</location>

更多信息: https://msdn.microsoft.com/en-us/library/e1f13641(v=vs.100).aspx

这篇关于如何在ASP.NET WebAPI中覆盖RequestValidation的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！