New to Telerik Reporting? Download free 30-day trial

Unable to Use URL With Encoded Characters in PictureBox

Environment

Product Progress® Telerik® Reporting
Target Framework .NET 4.0

Problem

The Reporting engine often needs to retrieve external resources such as PictureBox images via a URL. When such URL contains percent encoded path delimiters for example, forward slash / encoded as %2F) the request will fail with 400 Bad Request, 404 Not Found, or yield another unexpected result. This happens because under the hood the Reporting engine uses the built-in .NET Uri Class which un-escapes percent encoded path delimiters as a security mechanism against malicious attacks. More details are provided in the Microsoft article section Element (Uri Settings) - Remarks.

For example, the following URL used for the PictureBox.Value property:

http://myshop.com/products/shoes%2Flaces

will be sent to the server as:

http://myshop.com/products/shoes/laces

Depending on the route congiguration of the web application serving the request the result may vary from a 40x error response to a 200 OK result which contains data for an entirely different query.

Solution

To change the default behavior of the Uri class which un-escapes percent encoded path delimiters, use a configuration file setting for each desired URL scheme in the client application. The configuration setting is only applicable to .NET Framework 4.0:

<configuration>
    <uri>
        <schemeSettings>
            <add name="http" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/>
            <add name="https" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/>
        </schemeSettings>
    </uri>
</configuration>
In this article