-1

We have a webshop written in ASP.net WebForms where you can filter your search results on price. Some prices are < 1.25 € and that translates in the querystring as <+1.25 or %3c+1.25. When I try to access the webshop with that filter I just get a 404 error without any detailed information.

Can anyone help?

Knerd
  • 1,892
  • 3
  • 28
  • 55
  • 3
    use `>` for > and `<` for – fubo May 10 '16 at 08:09
  • https://msdn.microsoft.com/en-us/library/4fkewx0t(v=vs.110).aspx – Dmitry Bychenko May 10 '16 at 08:16
  • This SO post should help http://stackoverflow.com/questions/81991/a-potentially-dangerous-request-form-value-was-detected-from-the-client – Vitani May 10 '16 at 09:12
  • Are you automatically applying the querystring to your data with no validation whatsoever? If you're having problems with < and > either encode it or use something else. – Daniel May 11 '16 at 18:10

1 Answers1

0

http://www.w3schools.com/tags/ref_urlencode.asp

Here's a reference for url-encoding, what's the url when you apply filters?

Chun Yin
  • 290
  • 3
  • 13