I'm working on a web api call that includes parameters with '&'.
I've tried uriEncodingComponent to get the following thinking it was going to fix the issue but I am still running into the same problem. The url I'm trying to reach is here below.
http://localhost:123/api/Apples/GetApples/Red%20%26%20Green/20
I have also tried changing the HTTPRuntime in my application, without any success, to the following:
<httpRuntime requestValidationMode="2.0" requestPathInvalidCharacters="<,>,*,%,:,\,?" />
Any help is greatly appreciated!
The WebAPIConfig had constraints that was not including &. Included modified my regex expression to accept the character.
Related
I have code that i used a year or two ago to create an activation link that is send by email, using a code as a parameter, i tried so many different ways, encoding, using other syntax, adding web.config settings <pages validateRequest="false" />
requestValidationMode="2.0"
, annotations [AllowHtml], literally tried dozen of post on the internet but none of them worked.
So i am overseeing something here, that i am sure but i can't find the solution.
The error i get is:
A potentially dangerous Request.Path value was detected from the client (?)
The format i use is
Url.Action("action","controller", new { Id = guidValue }, Request.Url.Scheme)
My routing is the Default so this should work.
The Url is like this in the address bar once clicked:
http://localhost:52641/Account/Login?ReturnUrl=%2FAccount%2FAccountActivation%2F%3Fid%3Dfc39f53f-6fa7-43d2-b30a-8b4e20f0f237
While it should give me:
http://localhost:52641/Account/AccountActivation?id=fc39f53f-6fa7-43d2-b30a-8b4e20f0f237
What is happening here?
Thank you for any feedback!
I removed the complete built in Authentication (NuGet packages & classes)
from my solution (since i didn't needed them) and this made the above case work as it was. I can't elaborate more on the what's and how's (i am sure other people can) but i think it has to do with routing that comes with the authentication.
I am running MVC 5 and have a search API that produces the following link: /SearchedItem.?format=json where SearchedItem. is the user's input into search. This obviously causes a famous 404 due to a dot character. I've looked into all of the following solutions:
Dot character '.' in MVC Web API 2 for request such as api/people/STAFF.45287
Dots in URL causes 404 with ASP.NET mvc and IIS
ApiController returns 404 when ID contains period
However, neither adding a slash (tried both /SearchedItem./?format=json and /SearchedItem.?format=json/) nor RAMMFAR worked.
Looking for any new suggestions.
You have to change your web.config, the trailing dot let's iis think you are accessing an image.
Add the following within the system.webServer / handlers ( web.config)
<add name="ApiURIs-ISAPI-Integrated-4.0"
path="/api/*"
verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS"
type="System.Web.Handlers.TransferRequestHandler"
preCondition="integratedMode,runtimeVersionv4.0" />
Another suggest would be to set RunAllManagedModulesForAllRequests to true, but i wouldn't recommend that. All static assets would be handled through the .net code then :)
I see in your question that you checked related links. But are you sure? Because i have came accross this in the past and above was my solution...
Most suitable way is to encode once you route to url and decode in the respective action you can use HttpUtility to perform encoding and decoding
If you don't want to encode and decode then try adding relaxedUrlToFileSystemMapping config as explained Here
I tried following the answers gave here, but I get the error Imported Xml content can not be parsed.
Here's what I tried:
=importXml("http://www.amazon.it/Asus-GeForce-Scheda-Display-Edition/dp/B00SKWIISQ/","//span[#id='priceblock_ourprice']")
=importxml(hyperlink(concatenate("http://www.amazon.it/Asus-GeForce-Scheda-Display-Edition/dp/B00SKWIISQ/")),"//*[#id='priceblock_ourprice']")
None of them worked..
EDIT: The functions are intermittently working. Seems there's an issue specifically with the Amazon site as sometimes this works, sometimes it doesn't (and I get "imported content cannot be parsed"). When it doesn't, sometimes if I add or remove the trailing slash it works again. No problem with other sites. Seems a known issue: https://productforums.google.com/forum/#!topic/docs/UuMGRl7Asew https://productforums.google.com/forum/#!topic/docs/yWPaNDK0Kpg
What's a mistery is the cause.
if you try //* xPath, then you'll see that Amazon is making a robot check. That is the reason of unsuccessful parsing.
Unfortunately, I can't see the obvious way to overcome this.
And, as to changing comma to semicolon and vice versa - it doesn't work, because it depends on your local settings for Google Spreadheet, which delimiter you have to use in functions. For some countries it's a comma, for others it's a semicolon.
Try this:
=importXml("http://www.amazon.it/Asus-GeForce-Scheda-Display-Edition/dp/B00SKWIISQ";"//span[#id='priceblock_ourprice']")
I changed the colon to semicolon and removed the trailing slash of the URL to make sure that no HTTP redirects are done.
I was making some changes to security.xml regarding the access like:
<intercept-url pattern="/app/admin/projectform*" access="ROLE_ADMIN,ROLE_ENGAGEMENT_MANAGER"/>
But I am confused how to differentiate between the following two URLs:
/userform?create=Engagement&method=add&from=list
/userform?create=manager&method=add&from=list
They need to be assigned to different roles.
I tried to do something very similar but couldn't. On inspecting the source code I realised spring-security doesn't consider request parameters when applying coarse grain/url authorization.
I ended up creating two separate urls.
I have the same issue. I debugged and found out that Spring failed to parse separated roles with comma actually it throws ParseException at doParseExpession. you can find the exact line [here][1]
It says it missing some data if there is acomma`. I haven't figure why. But, it seems that #Oliver advice is a good one for now. i.e break the rules for two/more lines
Edit
Solution:
seems that in version 4 filter-security-metadata-source expect to get request-matcher AND use-expressions i.e try:
<filter-security-metadata-source request-matcher="ant" use-expressions="false">
<intercept-url pattern="/app/admin/projectform*" access="ROLE_ADMIN,ROLE_ENGAGEMENT_MANAGER"/>
</filter-security-metadata-source>
I wrote the code in global.asax contain this
oRoutes.MapPageRoute("test-route", "home/{cURL}", "~/test.aspx");
everything fine, but had error when URL contains "." symbol. And I add the code below just can fix only one dot in URL.
<httpRuntime relaxedUrlToFileSystemMapping="true" />
For Example, when I call http://foo.com/home/open.door.foo/, the routing failed.
Is there any simple way to fix this problem? thanks.
P.S 1: please don't provide the way to remove last words like ".foo", because there could be occur in my URL like http://foo.com/hey.john.open.the.book.volume.1-brabra :-)
P.S 2: For some reason, I must be use "." symbol in URL. :'(
I guess based on several posts here in SO, you should encode your values
ASP.NET MVC: How to Route Search Term with . (Period) at the end
Semantic urls with dots in .net