I came across the the following error while testing one of company's web app:
A potentially dangerous Request.Path value was detected from the client (&).
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (&).
Well the error is self-explanatory, my URL contained an illegal character (&). An alternative to resolve this error is through the use of "requestPathInvalidCharacters " in your web.config file. You can implement this as follows:-
<system.web>
<httpRuntime requestPathInvalidCharacters="<,>,*,%,:,\" />
</system.web>
The above should solve the problem. You can either choose to lock this down to a particular location, as recommended by one of the members of Stack Overflow:-
<location path="the/path/you/need/to/lock/down">
<system.web>
<httpRuntime requestPathInvalidCharacters="<,>,*,%,:,\"/>
</system.web>
</location>
The above approach is even more safe because you only locking it down to a particular location, rather than exposing this to the whole site.
Regards,
Mpho