0

I am attempting to open a PDF in the PDF viewer in Chrome browser and it reports missing file when ampersands is present in a directory path, the File Name specifically.

            LinkButton lbnFileName = (LinkButton)e.Row.FindControl("lbnFileName");
            Label lblFolder = (Label)e.Row.FindControl("lblFolder");
            string filePath = "/images/Documents/";
            string sFullPath = lblFolder.Text.Replace("\\", "/") + lbnFileName.Text;
            HyperLink hlDocName = (HyperLink)e.Row.FindControl("hlDocName");
            string vPath = Request.Url.GetLeftPart(UriPartial.Authority) + Request.ApplicationPath;
            string sURL = vPath + filePath + sFullPath.Replace("&", "%26");
            hlDocName.NavigateUrl = sURL;
            hlDocName.Target = "_Blank";
Arraylist
  • 307
  • 3
  • 13

1 Answers1

0

The ampersand is a reserved character in URLs. It's a parameter delimiter, so the browser sees it as the end of a portion of the URL and will likely ignore everything after than as a separate parameter. Try changing the ampersand to it's URL encoded value (%26) and see if that works.

Bryan Lewis
  • 5,629
  • 4
  • 39
  • 45
  • Now I get - A potentially dangerous Request.Path value was detected from the client (&). – Arraylist Mar 14 '17 at 17:53
  • Turn off InputValidation for this action. See this: http://stackoverflow.com/questions/6025522/getting-a-potentially-dangerous-request-path-value-was-detected-from-the-client – Bryan Lewis Mar 14 '17 at 18:08
  • The input validation does work: The PDF opens in a the PDF Viewer, not a webpage I can't set EnableEventValidation="false" in the page directive as well. – Arraylist Mar 14 '17 at 18:14
  • When you are returning this PDF to browser, are you doing it via code (e.g. dynamic PDF) or are you simply pointing directly a static PDFs URL on the filesystem? If dynamic are you using MVC? – Bryan Lewis Mar 14 '17 at 18:18
  • Try: string sURL = vPath + filePath + Server.UrlEncode(sFullPath); – Bryan Lewis Mar 14 '17 at 18:34
  • Still getting A potentially dangerous Request.Path value was detected from the client (&). Its opening it in PDF viewer of browser...Remember. – Arraylist Mar 17 '17 at 22:13
  • If the final URL that is causing the error is displaying in your browser, can you paste it here? You can change the domain name if youwant, but I would be interested in seeing the actual URL. – Bryan Lewis Mar 17 '17 at 22:29
  • http://localhost/USABusinessIns/Images/Documents/Damien%20Vuignier%20DBA%20High%20Octane%20HVAC%20ID9507/Insurance-ProposalRSS%20%26%20SST.pdf – Arraylist Mar 17 '17 at 23:22
  • Did you take a look at this post: http://stackoverflow.com/questions/5967103/a-potentially-dangerous-request-path-value-was-detected-from-the-client The second answer (not the one marked as correct), with the "requestPathInvalidCharacters" web.config option may work for you. Just remove the ampersand from the list. There is another similar article at http://www.hanselman.com/blog/ExperimentsInWackinessAllowingPercentsAnglebracketsAndOtherNaughtyThingsInTheASPNETIISRequestURL.aspx – Bryan Lewis Mar 19 '17 at 23:09
  • I tried everything you list above and all the other stuff from that post and still I can't get rid of that ampersand error. I even found something about Url re-write code for the Web.config and that didn't work.I even tried opening the PDF in a Webpage as an Iframe and that didn't work. – Arraylist Mar 21 '17 at 16:47