Clever Geek Handbook

A potentially dangerous Request.Path value was detected on the client (:)

I sometimes get the following error in a published web application using ELMAH:

System.Web.HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (:).
at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)

in the url reported by elmah I get:

/https:/domain.com/

Do I have to put the following line in my web.config to fix it ?:

<httpRuntime requestValidationMode="2.0" />

What does it mean? Should I be careful about this?

+3


source to share


1 answer


Typically, these are either bots that scan your sites, or hackers that hunt vulnerabilities. They usually have nothing to worry about. You probably just want elmah to ignore these errors. Add filter:

<errorFilter>
<test>
    <regex binding="Exception.Message" 
           pattern="(?ix: \b potentially \b.+?\b dangerous \b.+?\b value \b.+?\b detected \b.+?\b client \b )" />
</test>


http://code.google.com/p/elmah/wiki/ErrorFilterExamples

+4


source






More articles:


All Articles