Re: Underscore and hyphen changed to ASCII code in URL?
From: Wade A. Hilmo [MS] (wadeh_at_microsoft.com)
Date: 12/07/04
- Next message: hs: "IIS logging analyse per page"
- Previous message: Joe: "FTP logon/authentication"
- In reply to: Daniel A: "Underscore and hyphen changed to ASCII code in URL?"
- Next in thread: Daniel A: "Re: Underscore and hyphen changed to ASCII code in URL?"
- Reply: Daniel A: "Re: Underscore and hyphen changed to ASCII code in URL?"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 7 Dec 2004 08:00:10 -0800
Hi Daniel,
You are seeing this because http://website/abc-xyz results in a courtesy
redirect. When IIS builds the 302 response to do the redirection, it
encodes the URL to defeat cross site script injection vulnerabilities.
You can read the following thread for a discussion of this issue and some
more detail:
Thank you,
-Wade A. Hilmo,
-Microsoft
"Daniel A" <DanielA@discussions.microsoft.com> wrote in message
news:494C4668-AA77-489D-BD73-8F2907FEE0E5@microsoft.com...
> Hi all,
>
> Why undercores and hyphens in directory names are changed to the ASCII
code
> by IIS in the URL response? But as long I have a "/" after the last
directory
> the URL is returned correctly. Exemple this http://website/abc-xyz is
> returned like this http://website/abc%2Dxyz. But it is returned unchanged
in
> those scenarios : http://website/abc-xyz/ or
http://website/abc-xyz/index.aspx
>
> Is anyone has an idea why,
>
> Thanks,
> --
> Daniel
- Next message: hs: "IIS logging analyse per page"
- Previous message: Joe: "FTP logon/authentication"
- In reply to: Daniel A: "Underscore and hyphen changed to ASCII code in URL?"
- Next in thread: Daniel A: "Re: Underscore and hyphen changed to ASCII code in URL?"
- Reply: Daniel A: "Re: Underscore and hyphen changed to ASCII code in URL?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
