Handle "A potentially dangerous Request" in IIS
I have hosted an MVC web application in my local system. When my application was tested using a VAPT tool by external Auditors, they discovered an error when they accessed the application using the following URL : https://10.25.71.117/uncpath/<script>alert("123")</script>.
The error is:
"A potentially dangerous Request. Path value was detected from the client (<)."
Here my application is not uncpath. As my application itself is called, I want to handle the error through IIS server. For that I need to know the Error status code for this kind of requests and handle it using a custom error.
Solution
I think you want something like Custom error pages:
- https://learn.microsoft.com/en-us/iis/configuration/system.webserver/httperrors/
- Custom 404 error page not working on IIS 8.5
If you try but fail to implement, feel free to post your attempt(s) here and their results.
- How to shutdown one instance of an app service in azure
- How to change nopcommerce page title to my one web site name?
- How to modify posted form data within controller action before sending to view?
- How can i render partial view as modal popup on button click?
- How to get the Display Name Attribute of an Enum member via MVC Razor code?
- Templates can be used only with field access, property access, single-dimension array index error
- What does the DBContext.Entry do?
- Select2 -- placeholder not displaying
- How to retrieve a list of Memory Cache keys in asp.net core?
- InvalidOperationException: Cannot find compilation library location for package 'System.Security.Cryptography.Pkcs'
- The type or namespace name 'Mvc' does not exist
- Don't show the success message by using toastr.js after deleting the category with the sweetalert2.js, just showing the error: toastr is not defined
- This Page isn't working Localhost redirected too many times MVC
- MVC.NET how to secure submitting forms after edit
- CS1026: ) Expected | CS1002: ; expected | CS1513: } expected
- How to validate CNIC no in mvc by regular expression
- System.Web.HttpException (0x80004005): Maximum request length exceeded
- How to add a model in asp.net mvc project
- MVC Date Time Model Binding
- Entity Framework - Check for pending migrations
- Handle "A potentially dangerous Request" in IIS
- Timezone region not found
- How to handle a array of Json object in Cosmos db using C#
- In C#, how can I know the file type from a byte[]?
- Changing Local Url
- How to implement a simple TreeView using ASP.NET MVC
- Returning binary file from controller in ASP.NET Web API
- Antiforgery token migration from .NET framework to .NET Core
- How to Use Configuration with ValidateDataAnnotations
- ViewComponent View was not found