find a location for property in a new city

Thursday, 28 February 2013

The request filtering module is configured to deny a request that contains a double escape sequence

In IIS 7.5 I have a site that contains a page that takes an encrypted part of a URL. This encrypted string includes a plus sign '+' which causes IIS to throw a "HTTP Error 404.11 - Not Found" error stating "The request filtering module is configured to deny a request that contains a double escape sequence."

The problem is that a + sign used to be acceptable in earlier versions of IIS so these URLs need to remain for legacy reasons. So, I need to make them allowed again in IIS.

The quick fix

This can be easily achieved with a simple web.config change:

<system.webServer>
    <security>
        <requestFiltering allowDoubleEscaping="true" />
    </security>
</system.webServer>

This allows URLs to contain this plus symbol '+'.

The warning

There are consequences to this which unsurprisingly are security related so please read Double Encoding to familiarise yourself with the risk for your situation. If it is a risk to you maybe the best solution is to redesign those URLs?

Follow britishdev on Twitter

Posted by Colin Farr at Thursday, February 28, 2013 Labels: ,

33 comments:

  1. Thanks a lot, that helped.

    ReplyDelete

  2. Great tutorial,you have explained about HTTP Error 404,which i found very interesting to read.I must say you have work hard in making this post.
    buy switch board matting in different sizes from http://switchboardmattingco.co.uk/

    ReplyDelete

  3. All the best blogs that is very useful for keeping me share the ideas
    of the future as well this is really what I was looking for, and I am
    very happy to come here. Thank you very much
    earn to die
    earn to die 2
    earn to die 3
    Hi! I’ve been reading your blog for a while now and finally got the
    earn to die 4
    courage to go ahead and give youu a shout out from
    earn to die 6
    Austin Texas! Just wanted to tell
    earn to die 5
    you keep up the fantastic work!my weblog
    age of war
    Hi! I’ve been reading your blog for a while now and finally got the
    happy wheels
    strike force heroes
    slither io
    slitherio
    good game empire

    ReplyDelete

  8. The best space for your child to relax!: wingsio | slither io | abc

    ReplyDelete

  9. Let’s keep are safe place to play the very best free games for kids! Please click:
    slither.io | wings.io | happy wheels | abcya | happy wheels the game free | pokemon go to play for free games for kids!

    ReplyDelete


  12. Thanks for posting this useful content, Good to know about new things here, Let me share this, . Hadoop training in pune

    ReplyDelete

  17. Nice Blog.Thank you for Sharing. We are leading erp software software solution providers in chennai. For more details call +91 9677025199. erp software in chennai | erp providers in chennai | online events registration

    ReplyDelete

  18. Your topic is very great and useful for us…thank you

    lennyfacetext.com

    ReplyDelete

  19. I was working and suddenly I visits your site frequently and recommended it to me to read also. The writing style is superior and the content is relevant. Thanks for the insight you provide the readers!
    www.appbaixar.com

    ReplyDelete

  20. I was very impressed by this post, this site has always been pleasant news. Thank you very much for such an interesting post. Keep working, great job! In my free time, I like play game: vex3game.com. What about you?

    ReplyDelete

  22. This blog is so nice to me. I will continue to come here again and again. Visit my link as well. Good luck
    cara menggugurkan hamil
    cara menggugurkan kandungan

    ReplyDelete

  23. I found a lot of interesting information here. A really good post
    WebDesign Lüdenscheid

    ReplyDelete


  24. I have read this above post its very nice for us thanks sharing ,great post.
    http://catmario.games

    ReplyDelete

  25. This is really a pleasant and useful, containing all data furthermore greatly affect the new innovation. Much obliged for sharing it,
    Avriq India
    Avriq
    AVRiQ - Data Recovery
    AVRiQ Crunchbase
    Avriq Services
    Avriq Us

    ReplyDelete

  26. Great post!! very informative.
    Thank you very much for such a lovely and informative post.

    http://word-cookies-answers.com

    ReplyDelete

  27. I love to see you have written this content very Well and want to write more so people will aware of this issue
    I have some favorite game Blogs as well like
    ||Happy Wheels at happywheels.in||
    ||Happy wheels game at classic happy wheels game||
    ||Happy Wheels demo at happy wheels||
    ||Fireboy and watergirl at fireboywatergirl.co||

    ReplyDelete

  28. a pride for me to be able to discuss on a quality website because I just learned to make an article on
    cara menggugurkan kandungan

    ReplyDelete

  30. I would like to say thank you for the amazing blog.
    online movie

    ReplyDelete

  33. cara menggugurkan hamil kandungan dengan cepat dan akurat terbukti ampuh untuk melunturkan janin kehamilan muda 1 minggu hingga 1 , 2 , 3 dan 4 bulan
    obat penggugur kandungan adalah suatu bentuk proses berakhirnya kehamilan dengan dikeluarkannya janin ( fetus ) atau embrio sebelum memiliki kemampuan untuk berkembang dan bertahan hidup diluar rahim , sehingga bisa menyebabkan kematiannya pada janin
    Disini akan kami beritahukan kepada Anda langkah cara cepat menggugurkan kandungan dengan cepat dan selamat adalah KURET dan obat aborsi
    Kunyit memang tidak di baik di konsumsi oleh ibu hamil yang sedang hamil muda sehubungan dengan sifatnya untuk melancarkan haid , dan di percayai sebagai obat telat datang bulan
    jual obat aborsi paling manjur Misiprostol Cytotec asli terbukti ampuh melunturkan janin kuat tanpa kuret dengan bersih untuk usia 1 , 2 , 3 sampai 4 bulan dengan aman

    ReplyDelete

Subscribe to: Post Comments (Atom)