Mobile app: A potentially dangerous Request.

Mobile app: A potentially dangerous Request.

  

A potentially dangerous Request.Path value was detected from the client (<).


Error Detail
Back to Log
Id:
606120e6-0d22-4504-a754-da0e7f2adddf
Time of Log:
2017-02-09 14:49:32
eSpace:
WinToto
Tenant:
Users
User:

Session Id:
No session
Server:
S1OAB-LT2DFN
Module:
Global
Message:


A potentially dangerous Request.Path value was detected from the client (<).


Environment InformationeSpaceVer: 110 (Id=320, PubId=304, CompiledWith=10.0.200.2)
RequestUrl: https://toto.outsystemscloud.com/WinToto/<internal> (Method: POST)
AppDomain: /LM/W3SVC/68/ROOT/WinToto-266-131311232845585620
FilePath: C:\OutSystems\Sandboxes\BK4KH0065\Platform Server\running\WinToto\
ClientIp: 222.164.128.196
Locale: en-US
DateFormat: yyyy-MM-dd
PID: 44792 ('w3wp', Started='1/4/2017 11:53:56 AM', Priv=841Mb, Virt=18629Mb)
TID: 89
Thread Name:
.NET: 4.0.30319.42000
Stack:
A potentially dangerous Request.Path value was detected from the client (<).
   at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Hi Linguo,

Is this the url: "https://toto.outsystemscloud.com/WinToto/<internal>"? That's not a valid/secure url. What's your doubt about this error?

João Neves wrote:

Hi Linguo,

Is this the url: "https://toto.outsystemscloud.com/WinToto/<internal>"? That's not a valid/secure url. What's your doubt about this error?

it is a mobile app and i am testing in android phone after installing it. i am not sure when this url is used as i dont have a page called "interal"


Do you have any plugins? That doesn't seem to be a request made by the platform itself.

no plugin, only platform actions and rest api call

Are you able to reproduce the problem?

Can you share the eSpace?

sorry, i replied on wrong topic again....alway thinking about the connection tie out issue... 

i cannot reproducer this issue. the warning message only shows on service studio error log.

Hi Linguo and Joao,

I got the same error on my application:

A potentially dangerous Request.Path value was detected from the client (<).

The offending URL  https://[enviroment].outsystemscloud.com/[appname]/<internal> (Method: POST).

Like you I was confused, where is this URL defined?

It works fine in a browser but on the OutSystems Now app (IOS for me) the app will just hang on open and the error is reported in ServiceCenter.

After dealing with another few weird errors whilst implementing uploading an image using the Upload mobile widget - CSP errors - I noticed a "<internal>" in the Report-To field of the environment's Security Settings.

Could it be a CSP violation that wants to report to:

https://[enviroment].outsystemscloud.com/[appname]/<internal>

If this is the cause, what should be placed in the field?

Kind regards,

CJ