Difference between revisions of "Special Characters - IIS7"
(Created page with "==Ampersand & the Request URL in IIS7== When using IIS7, and filenames which include the ampersand character do not work and the generate the response “400 Bad Request”. ...") |
m (Briana moved page IIS7 Special Characters to Special Characters - IIS7 without leaving a redirect) |
(No difference)
|
Latest revision as of 02:34, 26 March 2013
Ampersand & the Request URL in IIS7
When using IIS7, and filenames which include the ampersand character do not work and the generate the response “400 Bad Request”. The ampersand (&) is considered a "restricted character" and the request is rejected. The optimal solution is to rename any file names with ampersands. Alternatively there are two common solutions:
- Change the Managed Pipeline Mode of the Application Pool from Integrated to Classic.
- Add the following to the .Net configuration, this could either be placed within a web.config file in the folder or the middle two lines could be placed within the server's web.config file in order to affect all sites.
<configuration> <system.web> <httpRuntime requestPathInvalidCharacters="" requestValidationMode="2.0" /> <pages validateRequest="false" /> </system.web> </configuration>
Railo or ColdFusion - Boncode Connector Explained
The second optional resolution will work for sites using Railo and the Boncode connector.
The BonCode connector requires .NET 4 in Integrated mode. It has a wildcard mapping and evaluates all requests to see if they should be handled by Railo or ColdFusion. The BonCode connector utilizes .Net so the built-in .Net request filtering is blocking the request as 'potentially dangerous' as '&' characters are used in SQL (potentially used in sql-injection).
When you set the application to use a 'Classic Mode' application pool, the BonCode wildcard mapping no longer runs because of the 'PreConditions' set for that handler (since it requires 'Integrated Mode') and that fixes the issue.