We are using IT Hit WebDAV .NET Server v6.1.4325 and experience an issue with filenames containing an ampersand (&):
When a request containing filename with an ampersand hits WebDAV’s GetHierarchyItemAsync method in DavContext.cs, the filename gets lost in the path parameter. Filenames without “&” work fine. I have tried escaping it with %26 without a success.
I could see that a similar bug was fixed for AjaxBrowser v3.0.0.2480 on July 11, 2016.
Has anyone experienced a similar issue or knows a solution/workaround?
After analyzing web server's logs, I found out that the problem is in HttpException thrown by the server:
A potentially dangerous Request.Path value was detected from the client (&)This can be solved by removing the
&character from a list ofrequestPathInvalidCharactersunderhttpRuntimeelement in Web.config:<httpRuntime requestValidationMode="2.0" requestPathInvalidCharacters="<,>,*,%,:,\,?" />