470,614 Members | 1,522 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,614 developers. It's quick & easy.

Breaking URL character combinations

I have found that some strange combinations of characters in a URL can cause
an error in my ASP.NET application.
This is regarding URL Paramters

For example:
if i have the URL:
http://www.mysite.com/home.aspx?param=123

my page loads fine

But the URL:
http://www.mysite.com/home.aspx?param=%23%26

causes an application error.

Two of these combinations i have found are
%23%26
and
%3cb

Why do these combinations of characters cause an application error, and how
can i find out which other characters will.
These two combinations originated from crawlers on my site and at time and
generate hundreds of errors in a few minutes.

At the moment i'm using an Isapi Rewrite to remove these harmful characters,
but would like to know if there is a list of other harmful combinations i
can look out for

Thank you

Grant
Nov 18 '05 #1
2 1381
If in the page attributes you set validaterequest="false" you should not
have any error.
The default value is set to true to prevent the script-injection.

"GrantMagic" <gr***@magicalia.com> ha scritto nel messaggio
news:%2****************@TK2MSFTNGP14.phx.gbl...
I have found that some strange combinations of characters in a URL can
cause an error in my ASP.NET application.
This is regarding URL Paramters

For example:
if i have the URL:
http://www.mysite.com/home.aspx?param=123

my page loads fine

But the URL:
http://www.mysite.com/home.aspx?param=%23%26

causes an application error.

Two of these combinations i have found are
%23%26
and
%3cb

Why do these combinations of characters cause an application error, and
how can i find out which other characters will.
These two combinations originated from crawlers on my site and at time and
generate hundreds of errors in a few minutes.

At the moment i'm using an Isapi Rewrite to remove these harmful
characters, but would like to know if there is a list of other harmful
combinations i can look out for

Thank you

Grant

Nov 18 '05 #2
presumably your code is expecting a number, and blowup when you get a string
like "#&". the crawlers are probably having a hard time parsing you pages,
check that you are generating valid html. run your page output through an
html validation suite. note: you will be stuck with the illegal html that
asp.net generates (bad identitfiers).
-- bruce (sqlwork.com)
"GrantMagic" <gr***@magicalia.com> wrote in message
news:%2****************@TK2MSFTNGP14.phx.gbl...
I have found that some strange combinations of characters in a URL can cause an error in my ASP.NET application.
This is regarding URL Paramters

For example:
if i have the URL:
http://www.mysite.com/home.aspx?param=123

my page loads fine

But the URL:
http://www.mysite.com/home.aspx?param=%23%26

causes an application error.

Two of these combinations i have found are
%23%26
and
%3cb

Why do these combinations of characters cause an application error, and how can i find out which other characters will.
These two combinations originated from crawlers on my site and at time and
generate hundreds of errors in a few minutes.

At the moment i'm using an Isapi Rewrite to remove these harmful characters, but would like to know if there is a list of other harmful combinations i
can look out for

Thank you

Grant

Nov 18 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

1 post views Thread by Chris Sharman | last post: by
36 posts views Thread by rbt | last post: by
27 posts views Thread by The Bicycling Guitarist | last post: by
22 posts views Thread by stevenkobes | last post: by
4 posts views Thread by Brian O'Haire | last post: by
16 posts views Thread by bgold12 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.