All geek questions in one place

ASP.Net: HTTP 400 Request failed while trying to process http: // localhost: 5957 / http: //yahoo.com

I am trying to create something similar to diggbar: http://digg.com/http://cnn.com

I am using Visual Studio 2010 server and Asp Development.

However, I cannot get the ASP dev server to process the request because it contains "http:" in the path. I tried creating an HTTPModule to rewrite the URL in BeginRequest, but the event handler is not called when the URL is http: // localhost: 5957 / http: //yahoo.com . The event handler is called if the URL is http: // localhost: 5957 / http / yahoo.com

Summarizing

Any ideas?

+4
source share
12 answers

From Stefan on the ASP.Net Team: http://forums.asp.net/p/1431148/3221542.aspx

In current versions of ASP.NET, URLs containing characters, such as a colon, will be rejected as a potential security risk. The historical reason for this is that the underlying NTFS file system supports alternative resource streams that can be accessed with names such as "yourfile.txt: hiddendata.txt". Blocking the colon character from Urls prevents accidentally running poorly written applications with alternative resource streams.

In current versions of ASP.NET, there is also a restriction that incoming URLs must be displayed on the NTFS file system in order to define managed configuration data.

In ASP.NET 4, these restrictions may optionally be removed. However, these changes are in ASP.NET 4 Beta 2 - they are not in beta 1. We tested the URL provided earlier in this forum and confirmed that you can use ASP.NET 4 internal collections this url style and handle it without error 400.

-Stefan

+7
source

From Stefan to the ASP.Net Team

I set out the following from the following What New Beta 2 document:

ASP.NET 4 introduces new options to expand the range of valid Urls applications. The simplest and most useful change is that ASP.NET gives developers the ability to use longer URLs. Previous versions limited the length of the Url path to 260 characters (limiting the path to the NTFS file). In ASP.NET 4, developers have the ability to increase (or decrease, if they choose) this limit, suitable for their applications, using two new httpRuntime configuration attributes:

Change the value of "maxRequestPathLength" to allow longer or shorter URL routes (part of the Url sans protocol, server, and query string). Change the value of "maxQueryStringLength" to allow longer or shorter query strings. ASP.NET 4 also allows developers to customize the character set used by ASP.NET Url character checks. When ASP.NET finds an invalid character in part of the Url path, it rejects the request with an HTTP 400 error. In previous versions, Url character checks were limited to a fixed character set. In ASP.NET 4, developers can customize the set of character checks using another new httpRuntime configuration attribute:

By default, the requestPathInvalidChars attribute contains seven characters that are considered invalid (the less than the characters and the ampersands encoded as the configuration is an Xml file). Developers can then expand or reduce the set of invalid characters depending on the needs of the applications. Note that ASP.NET 4 will still reject any Url paths that contain characters in the ASCII character range from 0x00-0x1F, as they are considered invalid Url characters (RFC 2396 considers these characters to be invalid, and on Windows servers running IIS6 or higher, http. The sys protocol device driver also automatically rejects Urls with these characters).

  • Stephen
+5
source

I had exactly this problem when creating the shortener URL for ASP.net. Throughout my life, I could not force the colon to be encoded in such a way that ASP would accept it using either HttpUtility.UrlEncode or javascript escape () on the client side.

My decision is what to do with Base64 encoding. Turns all this into non-controversial alpha numbers. Then you decode on the server. I used these features .

In addition, I created an HttpModule that should be launched by the host defam, so I know how to handle what follows as the URL to decode. Ping me if you want more information.

+3
source

You need to use HttpUtility.UrlEncode in your line before redirecting to it.

0
source

I'm not sure I use the digg web server, but I'm sure this is simply not possible with IIS or the built-in web server for VS. This is most likely a web server that you can modify to allow all sorts of stupid URLs.

0
source

This is not IIS, but an ASP Development server. Try installing in IIS and see if it works.

0
source

I am sure you could do this with the IIS Census. ASP.NET Development Server cannot rewrite as far as I know, but you can try to do this using either IIS7 rewriting, or if you have an earlier version, Ionics ISAPI Rewrite Filter .

0
source

KB 826437 ( http://support.microsoft.com/kb/826437 ) contains an answer to your question

  • Make sure that Microsoft.NET 1.1 SP1 is installed on the computer.
  • In the registry key HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ ASP.NET, create a 32-bit DWORD value for VerificationCompatibility = 1
  • Restart IIS.

This worked for me (IIS 6, ASP.NET 4), maybe it will work for you too.

0
source

Try HttpUtility.UrlPathEncode(url) - MSDN docs

0
source

Fast solution for development environment:

  • Change the properties of the web project to "Use local IIS server" and check the box "Use IIS Express" (which saves the URL of the VS Dev server).

  • Add the following parameter to Web.config inside <system.web> :

     <httpRuntime requestPathInvalidCharacters="" />

For production deployment, consider the security considerations mentioned in other answers.

0
source

I answered a similar question here.

fooobar.com/questions/280762 / ...

Basically, ASP.net only accepts encoded characters, such as the colon after the question mark. Fortunately, ASP.net MVC automatically displays both / api / persons / xxxx and / api / persons? Id = xxxx is the same in the default mapping, so this is what I did.

0
source

Source: https://habr.com/ru/post/1285719/

More articles:


All Articles