0

I have one client that is accessing our site but appears to be using some type of proxy. When they visit our site root I get an exception logged.

System.Web.HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (:). at System.Web.HttpRequest.ValidateInputIfRequiredByConfig() at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)

which sounds like they just put a colon in the path where it shouldn't be but inspection of the IIS logs shows me this

2019-08-21 12:37:43 W3SVC3 SRVR19-WFARM201A 10.212.132.21 HEAD /https:/www.mysitedomain.com/ - 443 - 10.291.191.22 HTTP/1.1 Test+Certificate+Info - - www.mysitedomain.com 400 0 0 1733 592 203 214.61.213.19:34246

This is the only person I see issuing a HEAD HTTP command, and their user agent is odd also.

Is there anyway to gracefully handle this in ASP.NET with MVC so it doesn't get caught as a dangerous request?

BlueB-Resch
  • 1
  • Is that client as in customer or client as in client-server? If it's the latter then look up who has that IP address and if it doesn't matter that they can't use your website then you can just ignore it. Keep the server patched up to date. I know, it makes the event logs messy, but even Google asks for URLs with illegal characters in. – Andrew Morton Aug 22 '19 at 17:25
  • This appears to be a duplicate of this issue, which also has an answer on how to filter this out via your web.config https://stackoverflow.com/questions/3097248/what-software-is-sending-user-agent-test-certificate-info – Michael Cox Nov 20 '19 at 13:00

0 Answers0