从客户端检测到Sitefinity有潜在危险的Request的值（？） [英] Sitefinity A potentially dangerous Request.Path value was detected from the client (?)

问题描述

我使用Sitefinity 5.1和radgrid控件在这个例子中。

我已经排除我们今天上午的开发服务器上的一个网页，我已经证实，它表现不同的样式（模板）在页面上比准系统页​​面（没有造型，没有脚本等）上：

1. 的页面不在Chrome工作，但在IE和Firefox确实工作


2. 一个最基本的网页（没有模板，头，或其他任何东西）上的网页在IE，Firefox和Chrome

用

code：

 的Response.Redirect（的String.Format（〜/服务/分离逐code / managesbyc？ID = {0}，DateTime.Now.Ticks.ToString （）））;
 

我使用蜱刷新页面之前，我到达那里。

下面是一些结果：

火狐：
sea​​bass.ptagis.org/services/separation-by-$c$c/managesbyc?id=634854696522350585 - >工作

Chrome浏览器最基本的Sitefinity页：
sea​​bass.ptagis.org/services/separation-by-$c$c/managesbyc?id=634854701574768045 - >工作

Chrome浏览器页面样式（CSS，Scritps等）上：
sea​​bass.ptagis.org/services/%2fservices%2fseparation-by-$c$c%2fmanagesbyc%3fid%3d634854699444302751 - >没了

我得到以下连接服务器错误。

我没有通过设置web.config中HTT prequests = 2.0和网页验证= FALSE的所有步骤。这并没有帮助。

任何帮助是AP preciated。

  

在'/'应用程序的服务器错误。有潜在危险
  从客户端检测到Request的值（？）。说明：
  当前Web的执行过程中发生未处理的异常
  请求。请检查堆栈跟踪有关的详细信息
  错误以及它起源于code。异常详细信息：
  System.Web.HttpException：有潜在危险的Request的价值
  从客户端检测到（？）。源错误：未处理
  在当前web的执行过程中生成的异常
  请求。有关的起源和位置信息
  异常可以使用下面的异常堆栈跟踪信息确定。结果
  堆栈跟踪：
      [HttpException（0x80004005的）：从客户端检测到有潜在危险的Request的值（？）]结果
  System.Web.Htt prequest.ValidateInputIfRequiredByConfig（）11494475结果
  System.Web.PipelineStepManager.ValidateHelper（HttpContext的背景下）
  184版本信息：Microsoft .NET Framework版本：4.0.30319; ASP.NET版本：4.0.30319.272

解决方案

如果您正在使用.NET 4.0，你应该能够允许含问号的URL（？）通过在web.config

 ＆LT;＆的System.Web GT;
   ＆LT;的httpRuntime requestPathInvalidCharacters =＆放大器; LT;，＆放大器; GT;，*，％，＆放大器;放大器;，：，\\/＆GT;
＆LT; /system.web>
 

请注意，我只是删除了问号，原来的默认字符串（？）：

 ＆LT;的httpRuntime requestPathInvalidCharacters =＆放大器; LT;，＆放大器; GT;，*，％，＆放大器;放大器;，：，\\，？ /＆GT;
 

I am using Sitefinity 5.1 and RadGrid in this example.

I have been troubleshooting one of our pages on development server this morning and I have confirmed that it behaves differently on the page with the styling (template) than on the barebones page (no styling, no scripts etc):

1. The page does not work in Chrome but does work in IE and Firefox
2. The page on a bare-bones page (no template, header, or anything else) works in IE, Firefox and Chrome

Code used:

Response.Redirect(String.Format("~/services/separation-by-code/managesbyc?id={0}", DateTime.Now.Ticks.ToString()));

I am using ticks to refresh the page before I get there.

Here are some results:

Firefox: seabass.ptagis.org/services/separation-by-code/managesbyc?id=634854696522350585 -> works

Chrome on the bare-bones Sitefinity page: seabass.ptagis.org/services/separation-by-code/managesbyc?id=634854701574768045 -> works

Chrome on the styled page (CSS, Scritps, etc): seabass.ptagis.org/services/%2fservices%2fseparation-by-code%2fmanagesbyc%3fid%3d634854699444302751 -> nope

I get the server error attached below.

I did go through all the steps of setting web.config httprequests = 2.0 and page validations = false. That did not help.

Any help is appreciated.

Server Error in '/' Application. A potentially dangerous Request.Path value was detected from the client (?). Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (?). Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace: [HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (?).]
System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +11494475
System.Web.PipelineStepManager.ValidateHelper(HttpContext context) +184 Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.272

解决方案

If you're using .NET 4.0, you should be able to allow the url containing a question-mark (?) via the web.config

<system.web>
   <httpRuntime requestPathInvalidCharacters="&lt;,&gt;,*,%,&amp;,:,\" />
</system.web>

Note, I've just removed the question-mark (?), the original default string is:

<httpRuntime requestPathInvalidCharacters="&lt;,&gt;,*,%,&amp;,:,\,?" />

这篇关于从客户端检测到Sitefinity有潜在危险的Request的值（？）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！