Unable to pass '<' in URL as parameter
Why am I unable to pass '<' character as a parameter in the URL? If I do:
http://localhost:9566/?myVar=2 that is ok
But I cannot do:
http://localhost:9566/?myVar=<foo> Why does this give me an error?
When I URL-encode <foo> I get %3Cfoo%3E.
And when I do http://localhost:9566/?myVar=%3Cfoo%3E, I still get the same error:
Solution
This is by design. The characters you are trying to pass could potentially be used in a Cross Site Scripting (XSS) attack.
Here are a few links to get you started on understanding what XSS is:
- https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29
- http://www.cgisecurity.com/xss-faq.html
While you can disable this type of validation I would not recommend it. Do you really need to pass a tag in a query string parameter?
- What is the difference between SendAsync and SendMailAsync methods of SmtpClient?
- How to get the current logged in user ID in ASP.NET Core?
- Possible to Compile ASP.NET to Machine Code?
- How to unchecked RadioButton on ASP.NET/VB.NET
- How can I count a value of table records, using session variable?
- Facebook Graph API getting data when user not logged in
- Developing ASP.NET Facebook App Locally
- Use an assembly in an aspx page
- how to display none through code behind
- ASP.NET "special" tags
- Unable to utilize UrlHelper
- How do I avoid the status error after Http Headers sent?
- How do I loop through a PropertyCollection
- Why is my Blazor Web App throwing a SocketException when authenticating with OpenIddict when deployed to Azure App Service?
- Has an event handler already been added?
- td data is not coming in single line
- EF SaveChanges not saving and not throwing exception
- .Net test URL is valid?
- HtmlAgilityPack: How can I remove a tag from a node while I'm looping through the node collection?
- Unsupported Media Type http response when upload file using c# api.
- Parser Error Message: Could not load type 'sometype'
- A non-blocking socket operation could not be completed immediately
- How to attach a PDF generated using jsPDF to the mail using asp.net c#
- Automating finding compile errors in ASP.NET pages
- Compiling a 6GB site
- Is there C# compiler for Mac OS X?
- An error occured after adding the initial Migration while accessing the Microsoft.extension.hosting services
- Website in pure C#
- How do I interpret error codes from FrontPage Extensions?
- What is the use of Normalized Email & UserName in .NET core IdentityUser Model?