0

how to handle request when user directly enters html content in URL. I want to redirect to Error page when user enters html tag in URL is that possible in MVC.

I have tried from BeginExecute event of by creating override method.

Please give some suggestion.

Thanks.

Improve this question
4
  • Any sample code available to reproduce? Can you provide examples of forbidden query string URLs that you want to block using described event? Commented Sep 20, 2017 at 8:20
  • No I want to block any query that contains html in query string value Commented Sep 20, 2017 at 8:43
  • @KevinShah did you try to use HttpUtility.ParseQueryString(), you can get query string params and check them to understand whether they have html tag or not Commented Sep 20, 2017 at 9:05
  • If user enters any html tag in querystring it will not go to action as because in my action I haven't set AllowHtml attribute Commented Sep 20, 2017 at 9:30

3 Answers 3

Reset to default
1

meybe can use RouteHandler for when a user needs to redirect to any external page, shorten long URLs, or make URLs more user friendly.

please check my answer

Error handling ASP.NET MVC

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

You can always choose CustomErrorMode="On" in web.config and configure with your error controller

Custom Error Mode will help you to redirect any invalid or malicious link or content to redirect it to your errorcontroller and handle it the way you want.

Improve this answer

2 Comments

this will redirect to Error page that is correct but I do not want to redirect user on error page but dispaly message but now its ok with redirection
Anyways with redirection you can display a message if any html content is entered in URL and you can configure it in your route by specifying the pattern.
0

You can use Request validation for do it. It prevents to accept un-encoded HTML/XML etc from Client to server. It validates all the data that is passed from client to server. To use this feature , you must set requestValidationMode as 4.5 in web.config like:

<httpruntime requestvalidationmode="4.5" />

For more information please see this article.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.