Unable to use URL with encoded characters in PictureBox
Environment
Product | Progress® Telerik® Reporting |
Framework | .NET 4.0 |
Problem
The report engine often needs to retrieve external resources such as PictureBox images via a URL. When such URL contains percent encoded path delimiters (e.g. forward slash encoded as '%2F') the request will fail with '400 Bad Request', '404 Not Found', or yield another unexpected result. This happens because under the hood the report engine uses the built-in .NET Uri Class which un-escapes percent encoded path delimiters as a security mechanism against malicious attacks. More details are provided here.
For example, the following URL used for the PictureBox.Value property:
http://myshop.com/products/shoes%2Flaces
will be sent to the server as:
http://myshop.com/products/shoes/laces
Depending on the route congiguration of the web application serving the request the result may vary from a 40x error response to a 200 OK result which contains data for an entirely different query.
Solution
To change the default behavior of the Uri class which un-escapes percent encoded path delimiters, use a configuration file setting for each desired URL scheme in the client application. The configuration setting is only applicable to .NET Framework 4.0.
<configuration>
<uri>
<schemeSettings>
<add name="http" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/>
<add name="https" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/>
</schemeSettings>
</uri>
</configuration>