当URL包含连接codeD符号的MVC Web API路由失败 [英] MVC WEB API routing fails when url contains encoded ampersand
问题描述
当我打电话给我的web服务女巫有两个参数,我得到:
When i call my webservice witch takes two parameters i get:
从客户端检测到有潜在危险的Request的值(安培)。
A potentially dangerous Request.Path value was detected from the client (&).
Routeconfig:
Routeconfig:
config.Routes.MapHttpRoute(
name: "PropertiesSearch",
routeTemplate: "api/property/Search/{category}/{query}",
defaults: new { controller = "Property", action = "Search", category = "common", query = string.Empty }
);
Controllermethod:
Controllermethod:
[HttpGet]
public SearchResult Search(string category, string query)
{
}
当我打电话与API:
/ API /属性/搜索/家庭/ areaID表示%3D20339%26areaId%3D20015
/api/property/search/homes/areaId%3D20339%26areaId%3D20015
从客户端检测到有潜在危险的Request的值(安培)。
A potentially dangerous Request.Path value was detected from the client (&).
这样做:
/ API /属性/搜索/家庭/?查询= areaID表示%3D20339%26areaId%3D20015
/api/property/search/homes/?query=areaId%3D20339%26areaId%3D20015
正常工作。
我要如何解决路由解码问题?
How do i solve the routing decoding problem?
推荐答案
斯科特Hanselman的<一个href=\"http://www.hanselman.com/blog/ExperimentsInWackinessAllowingPercentsAnglebracketsAndOtherNaughtyThingsInTheASPNETIISRequestURL.aspx\">blogged这个。你可能要检查的 requestPathInvalidCharacters
属性&LT;的httpRuntime方式&gt;
节点在你的web.config
Scott Hanselman blogged about this. You might want to check the requestPathInvalidCharacters
property of the <httpRuntime>
node in your web.config.
个人而言,我会避免这样的字符在URI部分,简单地把这些值作为查询字符串参数。
Personally I would avoid such characters in the uri portion and simply put those values as query string parameters.
这篇关于当URL包含连接codeD符号的MVC Web API路由失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!