Web api is giving error on passing * as the input value to the api method parameter

Question

I am using asp.net mvc web api and i have this method

     [HttpGet]
    public  LoginResult AuthenticateOnlineBookingUser(String userName,String password)
    {

         //My Code

    }

The problem is that when i pass (*) as input value to the parameter (password) i receieve this error but on other inputs it is working perfectly

A potentialy dangerous Request.Path.value was detected from client(*)

Thanks in advance

Note:My client side is written in angular js

i tried this solution as well Getting "A potentially dangerous Request.Path value was detected from the client (&)" but it is not working for me

Possible duplicate of [A potentially dangerous Request.Path value was detected from the client (\*)](http://stackoverflow.com/questions/5967103/a-potentially-dangerous-request-path-value-was-detected-from-the-client) — Nkosi, Mar 14 '16 at 05:44
one more thing i have a password that contains * i cannot override this value — Hassan Tariq, Mar 14 '16 at 05:51

score 1 · Accepted Answer · edited May 23 '17 at 10:28

1

You need to set the options for invalid characters. You can do this in your web.config as shown here.

edited May 23 '17 at 10:28

Community

1
1

answered Mar 14 '16 at 05:38

Lex

6,758
2
27
42

when i add these inside my web config my application gave error – Hassan Tariq Mar 14 '16 at 05:43
HTTP Error 500.19 - Internal Server Error The configuration section 'httpRuntime' cannot be read because it is missing a section declaration – Hassan Tariq Mar 15 '16 at 04:40
@HassanTariq You put that inside the `` section, right? – Lex Mar 15 '16 at 04:47
Wild. I have no idea what is causing that. Does [this post](http://stackoverflow.com/questions/14589905/http-error-500-19-in-iis-8-when-system-web-configuration-is-present-in-apphost-c) help at all? – Lex Mar 15 '16 at 04:55
Actually my application is running on visual studio – Hassan Tariq Mar 15 '16 at 04:59

score 0 · Answer 2 · answered Mar 14 '16 at 05:40

0

Use url encoder to encode the request before sending it to server.

answered Mar 14 '16 at 05:40

TusharJ

1,213
2
11
18

score 0 · Answer 3 · answered Mar 15 '16 at 05:25

0

Finally solved my problem by changing my GET request to POST request The problem was with query string in Order to solve it with GET Request i have to make some changes to my query string in order to make it work but

answered Mar 15 '16 at 05:25

Hassan Tariq

730
7
15

Web api is giving error on passing * as the input value to the api method parameter

3 Answers3