I'm using the jQuery jstree plugin (http://jstree.com) in a ASP.NET MVC 2 project on .NET 4 RC, and running on IIS 7.5. It comes with some stylesheets with inline images with data urls, like this:
.tree-checkbox ul { background-image:url(data:image/gif;base64,R0lGODlhAgACAIAAAB4dGf///yH5BAEAAAEALAAAAAACAAIAAAICRF4AOw==); }
Now, the url for the background image contains a colon, which .NET 4 thinks is an unsafe character, so I get this error message:
A potentially dangerous Request.Path value was detected from the client (:).
According to the documentation, I am supposed to be able to prevent this by adding
<system.web>
<httpRuntime requestValidationMode="2.0"/> <pages validateReq开发者_如何学运维uest="false"/> <system.web>
to my Web.config, but that doesn't seem to help. I have tried adding it to the main Web.config for the application, as well as to a special Web.config in the /config folder, but to no avail.
Is there any way to get .NET to allow this?
Are you using IIS7?
IIS7 validates requests differently and you have to "revert" its behavior to ignore potentially dangerous requests.
<system.web>
<httpRuntime requestValidationMode="2.0"/>
</system.web>
精彩评论