Dr-Hack
  •  Dr-Hack
  • 100% (Exalted)
  • YAF All-the-Time Topic Starter
2014-02-08T12:21:39Z
Hello,
This Applies to a DNN installation running YAF with the WhatsNew YAF Module

If a Topic name Contains * / or Spaces YAF will change them into "-" to avoid sql breech for Example
WhatsNew Module Shows :
http://justlol.us/tabid/27/g/posts/m/17484/*****%20BEST%20FRESH%20DUMPS%20SUPPLIER%20-%20VENDOR%20DUMPS%20-%20SKIMED%20DUMPS%20-%20DB%20DUMPS%20*****.aspx#post17484

YAF Shows :
http://justlol.us/Forum/tabid/27/g/posts/t/6984/------BEST-FRESH-DUMPS-SUPPLIER---VENDOR-DUMPS---SKIMED-DUMPS---DB-DUMPS#post17484


but the module is not filtering it , so the DNN error Kicks in ..
UserPostedImage

Error Code:

Server Error in '/' Application.
A potentially dangerous Request.Path value was detected from the client (*).
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 
Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (*).
Source Error: 
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace: 
[HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (*).]
   System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +9672340
   System.Web.PipelineStepManager.ValidateHelper(HttpContext context) +53


this would directly concern  tha_watcha , but he being in lead now i am ok if i post it here :)

Thanks..Take Care
Sponsor
tha_watcha
2014-02-08T15:19:25Z

About Us

The YAF.NET is an open source .NET forum project. YAF.NET is supported by an team of international developers who are build community by building community software.

Powered by Resharper Donate with PayPal button

Project Twitter Updates

Copyright © YetAnotherForum.NET & Ingo Herbote. All rights reserved