HttpRuntimeSection.RequestPathInvalidCharacters Property
Gets or sets a list of characters that are specified as invalid in a path that is part of an HTTP request.
Assembly: System.Web (in System.Web.dll)
[ConfigurationPropertyAttribute("requestPathInvalidCharacters", DefaultValue = "<,>,*,%,&,:,\,?")] public string RequestPathInvalidCharacters { get; set; }
Property Value
Type: System.StringA comma-separated list of invalid characters. The following list contains the default set of invalid characters:
<,>,*,%,&,:,\\
To set this value in a configuration file, you can assign a comma-separated string of characters to the requestPathInvalidCharacters attribute of the httpRuntime element. For more information, see httpRuntime Element (ASP.NET Settings Schema).
Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Default Characters
The correct Default values are "<,>,*,%,&,:,\\,?". It looks as though the second reference to this (missing the ?) is incorrect.
- 7/18/2011
- jjardine
what's the default?
the definition says: "<,>,*,%,&,:,\,?"
then a little lower down it has the same thing but WITHOUT the question mark.
which is right?
- 4/28/2011
- mr-miles
htmlencode in web.config
When setting this property in web.config, remember to htmlencode, like this for default value:
<httpRuntime requestPathInvalidChars="<,>,*,%,&,:,\,?" />
<httpRuntime requestPathInvalidChars="<,>,*,%,&,:,\,?" />
- 5/6/2010
- just.a.nerd
