Jacek
Reputation: 12063
Encoded url gives dangerous request exception
I send by AJAX request to get users. Search is input entered by user on the form. Url which is send doesn't contain illegar chars. (I know that chars like ' or < or > are incorrect for email adress)
GET http://localhost:1294/Users/GetAll?search=%27test%27%2B%3Cinfo%2540test.pl%3E
query is encoded to protect XSS, but I get exception:
A potentially dangerous Request.QueryString value was detected
from the client (search="...test' <test@test.pl>").
I don't understand why I get this exception despite I encoded data in url ?
Upvotes: 1
Views: 163
Answers (1)
Related Questions
- Get the full URL in PHP
- How do I change the URI (URL) for a remote Git repository?
- What is the maximum length of a URL in different browsers?
- Get the current URL with JavaScript?
- How can I open a URL in Android's web browser from my application?
- How do I modify the URL without reloading the page?
- Java URL encoding of query string parameters
- A potentially dangerous Request.Form value was detected from the client
- Encode URL in JavaScript