A potentially Dangerous Request.Path value was Detected from the client

Asked

Viewed 1,494 times

1

I’m trying to submit an action with a parameter like this:

 <a href="@Url.Action(@"Create/?reference=01/04/2016", "Cobranca")"

But it generates a URL like this:

Cobranca/Create/%3freference%3d01/04/2016

And causes the mistake:

A potentially dangerous Request.Path value was detected from the client 

I put on the web.config the following codes:

 <pages validateRequest="false" />
 <httpRuntime targetFramework="4.5" requestPathInvalidCharacters="" />
<system.webServer>
    <security>
      <requestFiltering allowDoubleEscaping="true"/>
    </security>

Stopped this error but now from 404 error being that the URL should be:

Cobranca/Create/?reference%3d01/04/2016

or better

Cobranca/Create/?reference=01/04/2016

1 answer

1


What is your action Create expect to receive parameter? A string called reference or a Datetime called reference?

Furthermore, it is good practice to use the third parameter of Url.Action() to pass the route values, this way ASP.NET will take charge of mounting the Url and its parameters for you:

<a href="@Url.Action("Create", "Cobranca", new { reference = "01/04/2016"})"/>

If Reference is a date. just replace the fixed string "01/04/2016" with its date.

  • in fact my action receives 3 parameters, how to send in this case?

  • 1

    The same way you did with the Reset, adding the extra parameters in the dynamical object <a href="@Url.Action("Create", "Cobranca", new { reference = "01/04/2016", parametro2 = 2, andHisNameIs = "JOHNCEEENA"}) "/>. Remembering that you are not required to pass all parameters of your Action, unless they are very important to your logic. Parameters that are not passed will only receive the value null.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.