A potentially dangerous Request.Path value was detected from the client (?).

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (?).

Source Error:

Stack Trace:

[HttpException (0x80004005): A potentially dangerous Request.

Path value was detected from the client (?).]

   System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +8884233
   System.Web.ValidateRequestExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +35
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +184

Solution

<system.web>

CMOS De-Animator is a service utility which allows you to invalidate the checksum of your system’s CMOS memory, resetting all settings to default and clearing any stored BIOS passwords (if any) upon re-boot. The main advantage of my utility is, that it can work under every Windows operating system, and no administrator privileges should be normally required! The utility has no GUI – only a confirmation message to begin or exit, error handling messages and a success dialog box upon successful operation. The utility is very portable, no installation required.

Note: In some cases, the utility may show “Operation completed!” without actually doing anything to the CMOS. In that case, executing the application and confirming the clearing process with one-time activated administrator privileges will do the trick. The next time you run the application, you will not need them. This is a driver-related issue.

The 32-bit version of this utility seems to provoke most false alarms on some antivirus programs; check the “Before you download” article for more information.

Download CMOS De-Animator x86 (32-bit)!
Download CMOS De-Animator x64 (64-bit)!
NOTE: You need to download the correct version for your system!

32-bit version MD5: 9ccb42c1ce61c449d68f50b1a9eb04d4
64-bit version MD5: d7d6d2e756b92a116f785d0857e1f4ae

I’ve got a couple of ASP.NET web sites running on the same web server(windown 2008 server) that need to share access to a Key Container used for encrypting and decrypting authentication tickets.

Sample code for the encryption:

try

{

CspParameters cspParams = new CspParameters();

cspParams.Flags = CspProviderFlags.UseMachineKeyStore;

cspParams.KeyContainerName = keyContainerName;

RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cspParams);

List<byte> allData = new List<byte>();

}

catch (CryptographicException)

{

// TODO: Log the encryption error

throw;

}

This was encrypting and decrypting fine in the first web site, but the second web site was throwing a CryptographicException “Object Already Exists” when attempting to decrypt the information. After some research it seems this is a security exception to do with access to the key container (basically the ASP.NET user account could tell there was a key container but did not have access to use it for decryption, so was throwing an “Object Already Exists” exception).

This can be fixed with the following command line:
aspnet_regiis -pa “SampleKeys” “NT AUTHORITY\NETWORK SERVICE”

hanging the permission of the folder C:\users\All Users\Microsoft\Crypto\RSA\MachineKeys to everyone full also way to solved this issue.

Microsoft has been released Windows Vista SP2 and Windows Server 2008 SP2 to MSDN and TechNet.MSDN and TechNet Plus subscribers can download standalone SP2 update package for 32-bit (x86), 64-bit (x64) and IA-64 (Itanium i64) based Windows Vista and Windows Server 2008

Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 information for MSDN can be viewed here, and for TechNet here. The Subscriber Downloads pages for Windows Vista and Windows Server 2008 are listed below:

• TechNet: Windows Server 2008
• TechNet: Windows Vista
• MSDN: Windows Server 2008
• MSDN: Windows Vista