问题描述

外部客户端使用包含冒号(:)字符的URL访问我的Azure网站.该请求无效，但是在我的旧IIS服务器上，它将给出404错误.在Azure上，相同的URL将显示500错误.这很浪费我的时间，因为我必须检查日志.这是一个请求示例:

External clients are hitting my Azure website with urls that contain the colon (:) character. The request are not valid, but on my old IIS server it would give a 404 error. On Azure, the same URL will give a 500 error. This wastes my time, as I have to check the logs. This is an example of a request:

http://www.example.com/http:/www.example.com

有什么办法可以避免在服务器端出现这种情况，而是给出4xx错误?请记住，此问题仅在Azure上，我不控制请求.

Is there any way of avoiding this behaviour on the server side, and give 4xx error instead? Keep in mind, this problem is on Azure only, and I do not control the requests.

推荐答案

如果您正在运行.NET应用程序，则这是由ASP.NET HTTP运行时(尤其是其请求过滤功能)引起的.

If you are running a .NET application, then this is caused by ASP.NET HTTP runtime, more specifically by its request filtering feature.

如果URL路径包含任何不允许的字符(<,>,*,%,&,:,\\,?)，则运行时将引发异常，并且由于该异常，IIS返回错误代码500.

If the URL path contains any of the disallowed characters (<,>,*,%,&,:,\\,?), the runtime throws the exception and because of the exception the IIS returns error code 500.

您可以配置在您的web.config文件中不允许使用字符.

You can configure disallowed characters in your web.config file.

<system.web>
    <httpRuntime targetFramework="4.5" requestPathInvalidCharacters="*,%" />
</system.web>

但是我会小心，因为这种更改可能会带来一些安全隐患.

But i would be careful, because there might be some security implications of such change.

这篇关于URL中包含冒号时，Azure网站将引发500错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！