New to Telerik Reporting? Download free 30-day trial

Unable to use URL with encoded characters in PictureBox


Product Progress® Telerik® Reporting
Framework .NET 4.0


The report engine often needs to retrieve external resources such as PictureBox images via a URL. When such URL contains percent encoded path delimiters (e.g. forward slash encoded as '%2F') the request will fail with '400 Bad Request', '404 Not Found', or yield another unexpected result. This happens because under the hood the report engine uses the built-in .NET Uri Class which un-escapes percent encoded path delimiters as a security mechanism against malicious attacks. More details are provided here.

For example, the following URL used for the PictureBox.Value property:

will be sent to the server as:

Depending on the route congiguration of the web application serving the request the result may vary from a 40x error response to a 200 OK result which contains data for an entirely different query.


To change the default behavior of the Uri class which un-escapes percent encoded path delimiters, use a configuration file setting for each desired URL scheme in the client application. The configuration setting is only applicable to .NET Framework 4.0.

      <add name="http" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/>
      <add name="https" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/>
In this article