IIS URL encoding unicode charaters

Question

IIS URL encoding unicode charaters

ASP.NET web application running on localhost (IIS Express), returns HTTP 500 error in response to the query with 3 colons (":"). If query string contains at least one colon, expected that app will return HTTP 400 Bad Request, however it returns error below:

500.19 - Internal Server Error

Module: IIS Web Core

Notification: BeginRequest

Handler: Not yet determined

Error Code: 0x80070459

Config Error: Cannot read configuration file

What's interesting, 500 error returns only for very specific URL (first row in table below):

<table border="1">
<tr>
<th>URL sent</th>
<th>URL human-readable</th>
<th>Server Response</th>
<th>Remarks</th>
</tr>
<tr>
<td>/items/01%3A34%3A%EC%B9%B4%3A%EC%97%85</td>
<td>/items/01:34:카:업</td>
<td><span style="color: red">500 - that is a bug;</span> should be HTTP 400 because there are colons in URL segment</td>
<td>3 colons + Unicode characters</td>
</tr>
<tr>
<td>/items/0134%3A%EC%B9%B4%3A%EC%97%85</td>
<td>/items/0134:카:업</td>
<td><span style="color: green">400 – Bad Request;</span> That is expected because URL segment contains colon</td>
<td>2 colons</td>
</tr>
<tr>
<td>/items/01%3A34%3A%EC%B9%B4%EC%97%85</td>
<td>/items/01:34:카업</td>
<td><span style="color: green">400 – Bad Request;</span></td>
<td>2 colons</td>
</tr>
<tr>
<td>/items/01%3A34%3Aa%3Ab</td>
<td>/items/01:34:a:b</td>
<td><span style="color: green">400 – Bad Request;</span></td>
<td>Unicode characters replaced by ASCII</td>
</tr>
<tr>
<td>/items/01%3A34%3A%EC%B9%B4%3A%EC%97%85%3A</td>
<td>/items/01:34:카:업:</td>
<td><span style="color: green">400 – Bad Request;</span></td>
<td><span style="color: red">The same URL as first one;</span> added extra colon at the end</td>
</tr>
<tr>
<td>/items/01:34:카:업</td>
<td>&nbsp;</td>
<td><span style="color: green">400 – Bad Request;</span></td>
<td><span style="color: red">The same URL as first one;</span> decoded</td>
</tr>
</table>

I have tried implementing HttpModule and HttpHandler to do some URL transformation there, but the code is not being called; seems that server returns error before entering application code.

asp.net

iis

encoding

character-encoding

asked on Stack Overflow Apr 27, 2018 by

fl_int • edited Apr 28, 2018 by

fl_int

0 Answers

Nobody has answered this question yet.

User contributions licensed under CC BY-SA 3.0