Unable to pass a URL in GET request to a RESTful web service in C#

Question

I am stuck at an unexpected issue in my project. The issue is that there is a URL produced on the fly in my code that I have to submit it to a RESTful web service via a GET request. For e.g. the URL to submit looks like this: http://mysampleserver.com:8080/calc/8999/bpaX

The RESTful server accepts URL as its last parameter in the format below:

http://myRestfulAPI.domainname.com/capture/bbbb/http://mysampleserver.com:8080/calc/8999/bpaX

I also used System.Net.HttpUtility.UrlEncode(....) to encode the "URL to submit" first to incorporate it in the RESTful service call.

That resulted in getting the error below:

System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (:)

To try to resolve it, I followed the steps described per this web page but no luck.

I am using MVC 4 to implement the RESTful API in C#.

Any clue or idea how to get around this showstopper issue?

Answer 1

There are at least two solutions I can think of.

1. Change your RESTFul service to use post, because you send information to your server, and potentially it will change your resource status, based on HTTP protocol , you should use POST anyway.
2. You can also encode your url with Base64

Answer 2

The steps that you've tried are the correct steps. See also this question potentially dangerous... which is the same issue.

There are a number of characters that .NET doesn't allow in in a URL by default, and the : is one of them (as a query string, at least). They are 'potentially dangerous'. Making this change to the configuration file allows these characters to be passed through to your application.

Answer 3

You need to Url.Encode the url in the query string (mvc parameters) otherwise it is interpreted as more URL encoding for MVC to decode as parameters. Try something like @Url.Encode(yourStringObject) and pass it as the last value or as a query (i.e. &q=url)