We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. Learn more >

A potentially dangerous Request.Path value was detected from the client (:)RSS

7 replies

Last post May 18, 2021 09:57 AM by samwu

  • A potentially dangerous Request.Path value was detected from the client (:)

    Apr 30, 2021 09:42 AM|mrbot|LINK

    Hi Everyone

    I'm facing the below error when accessing a URL with 3 forward slash through iis reverse proxy.

    Sample URL : http://192.168.0.134/activity/documents.w3p;pioiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961%2F%3Bguid%3Df2e18eef-35cd-4797-8a6d-54e8ab1d0147%3Bclass%3DProject

    can someone please help me to resolve this ? we cannot change the URL.

    Server Error in '/' Application.


    A potentially dangerous Request.Path value was detected from the client (:).

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (:).

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.


    Stack Trace:

    [HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (:).]
       System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +11995904
       System.Web.PipelineStepManager.ValidateHelper(HttpContext context) +54
    

     


    Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.7.2106.0

  • Re: A potentially dangerous Request.Path value was detected from the client (:)

    May 03, 2021 01:59 AM|samwu|LINK

    Hi mrbot,

    mrbot

    Sample URL : http://192.168.0.134/activity/documents.w3p;pioiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961%2F%3Bguid%3Df2e18eef-35cd-4797-8a6d-54e8ab1d0147%3Bclass%3DProject

    mrbot

    Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (:).

    After.NET 4.0, if the url contains some special characters, it will occur this error. I did not find the special character ":" in your URL, but I found the special character ";". You can either try to remove the special character and try again, or you can fix this error either by encoding your URL or by modifying your web.config file as:

    <system.web>
    <httpRuntime requestPathInvalidCharacters="" requestValidationMode="2.0" />
    <pages validateRequest="false" />
    </system.web>

    Best regards,

    Sam

    IIS.NET forums are moving to a new home on Microsoft Q&A, we encourage you to go to Microsoft Q&A for .NET for posting new questions and get involved today. Learn more >
  • Re: A potentially dangerous Request.Path value was detected from the client (:)

    May 03, 2021 10:34 AM|mrbot|LINK

    Hi Sam,

    I have modified web.config as suggested, now i'm getting a bad URL error message.

    Bad Request - Invalid URL


    HTTP Error 400. The request URL is invalid.

    We have special character ":" in the URL.

    http://192.168.0.134/activity/documents.w3p;pioiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961%2F%3Bguid%3Df2e18eef-35cd-4797-8a6d-54e8ab1d0147%3Bclass%3DProject

    the highlighted section refers to dms:///

    after updating the web.config with the below changes.

    <system.web>

    <httpRuntime requestPathInvalidCharacters="" requestValidationMode="2.0" /> <pages validateRequest="false" /> </system.web>

    the triple forward slash "///"  in the URL got changed to single forward "/" slash that results the invalid URL.

    sample URL below.

    http://192.168.0.134/templates/error.w3p;emessage=E10319-AS%3A%20Could%20not%20connect%20to%20object%20with%20oiid%20of%20'dma%3A%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961%2F'

    Could not connect to object with oiid of 'dma:/45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961%2F'

    Is there an option where we can pass through this URL in IIS without changing the "///" to "/"

  • Re: A potentially dangerous Request.Path value was detected from the client (:)

    May 04, 2021 03:05 AM|samwu|LINK

    Hi mrbot,

    mrbot

    We have special character ":" in the URL.

    mrbot

    http://192.168.0.134/activity/documents.w3p;pioiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961%2F%3Bguid%3Df2e18eef-35cd-4797-8a6d-54e8ab1d0147%3Bclass%3DProject

    In your url, except behind http, I did not find special character ":".

    mrbot

    the highlighted section refers to dms:///

    The highlighted section of your URL is "dma%3A%2F%2F%2F", I did not find the "dms:///" you referenced.

    mrbot

    the triple forward slash "///"  in the URL got changed to single forward "/" slash that results the invalid URL.

    Normally, the browser will automatically convert "///" to "/".

    Best regards,

    Sam

    IIS.NET forums are moving to a new home on Microsoft Q&A, we encourage you to go to Microsoft Q&A for .NET for posting new questions and get involved today. Learn more >
  • Re: A potentially dangerous Request.Path value was detected from the client (:)

    May 07, 2021 09:43 AM|mrbot|LINK

    Hi Sam,

    The URL is partially encoded one. Below is another sample URL.

    1) http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

    As per the ASCI encoding this url part

    2) dma:///45e6b900-8929-11d4-b772-0050da06bfb4/7bd350da-c9ee-4565-8000-2cbc18041961

    was converted as below.

    3) http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

    when 3rd URL is passed through IIS reverse proxy  %2F%2F%2F is getting replaced as %2F. That's resulting request URL as invalid

    is there a way where i can retain the encoding part of URL after http://192.168.0.134/reports/launch.w3p;

    when passed through IIS reverse proxy ? Something like 

    if the URL contains "roiid=dma" then 

    http://192.168.0.134/reports/launch.w3p;{UrlEncode:{roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961}}

    and preserve %2F%2F%2F

    and Final URL as below ?

    http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

  • Re: A potentially dangerous Request.Path value was detected from the client (:)

    May 11, 2021 09:53 AM|samwu|LINK

    Hi mrbot,

    mrbot

    1) http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

    As per the ASCI encoding this url part

    2) dma:///45e6b900-8929-11d4-b772-0050da06bfb4/7bd350da-c9ee-4565-8000-2cbc18041961

    was converted as below.

    3) http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

    when 3rd URL is passed through IIS reverse proxy  %2F%2F%2F is getting replaced as %2F. That's resulting request URL as invalid

    is there a way where i can retain the encoding part of URL after http://192.168.0.134/reports/launch.w3p;

    when passed through IIS reverse proxy ? Something like 

    You can try to use url rewriting. how do you generate such a complicated URL?

    Best regards,

    Sam

    IIS.NET forums are moving to a new home on Microsoft Q&A, we encourage you to go to Microsoft Q&A for .NET for posting new questions and get involved today. Learn more >
  • Re: A potentially dangerous Request.Path value was detected from the client (:)

    May 14, 2021 02:30 PM|mrbot|LINK

    samwu

    You can try to use url rewriting. how do you generate such a complicated URL?

    i have tried a rule as below,

               

    <action type="Rewrite" url="http://192.168.0.134/{UrlEncode:{REQUEST_URI}}" />
                <serverVariables>
                    <set name="REQUEST_URI" value="{ENCODED_URL}" />
                    <set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
                    <set name="HTTP_ACCEPT_ENCODING" value="" />
                </serverVariables>

    http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

    what happens is everything after the above yellow highlighted part got encoded as below red highlighted.

    http://192.168.0.134/%252Freports%252Flaunch.w3p%253Broiid%253Ddma%253A%252F45e6b900-8929-11d4-b772-0050da06bfb4%252F7bd350da-c9ee-4565-8000-2cbc18041961

    Is it possible to write a rewrite rule which can retain this "roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961" for the URL ?

    Could you please provide me a rule for doing this ?

  • Re: A potentially dangerous Request.Path value was detected from the client (:)

    May 18, 2021 09:57 AM|samwu|LINK

    Hi mrbot,

    mrbot

    http://192.168.0.134/reports/launch.w3p;roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961

    what happens is everything after the above yellow highlighted part got encoded as below red highlighted.

    http://192.168.0.134/%252Freports%252Flaunch.w3p%253Broiid%253Ddma%253A%252F45e6b900-8929-11d4-b772-0050da06bfb4%252F7bd350da-c9ee-4565-8000-2cbc18041961

    Is it possible to write a rewrite rule which can retain this "roiid=dma%3A%2F%2F%2F45e6b900-8929-11d4-b772-0050da06bfb4%2F7bd350da-c9ee-4565-8000-2cbc18041961" for the URL ?

    You can try this rule:

    <rule name="test1" stopProcessing="true">
    <match url="(.*)" /> <conditions> <add input="{HTTP_HOST}" pattern="192.168.0.134" /> <add input="{REQUEST_URI}" pattern="^/reports/launch.w3p;(.*)$" /> </conditions> <action type="Redirect" url="http://192.168.0.134/{C:1}" /> </rule>

    Best regards,

    Sam

    IIS.NET forums are moving to a new home on Microsoft Q&A, we encourage you to go to Microsoft Q&A for .NET for posting new questions and get involved today. Learn more >