Unable to use URL with encoded characters in PictureBox
|Product||Progress® Telerik® Reporting|
The report engine often needs to retrieve external resources such as PictureBox images via a URL. When such URL contains percent encoded path delimiters (e.g. forward slash encoded as '%2F') the request will fail with '400 Bad Request', '404 Not Found', or yield another unexpected result. This happens because under the hood the report engine uses the built-in .NET Uri Class which un-escapes percent encoded path delimiters as a security mechanism against malicious attacks. More details are provided here.
For example, the following URL used for the PictureBox.Value property:
will be sent to the server as:
Depending on the route congiguration of the web application serving the request the result may vary from a 40x error response to a 200 OK result which contains data for an entirely different query.
To change the default behavior of the Uri class which un-escapes percent encoded path delimiters, use a configuration file setting for each desired URL scheme in the client application. The configuration setting is only applicable to .NET Framework 4.0.
<configuration> <uri> <schemeSettings> <add name="http" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/> <add name="https" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/> </schemeSettings> </uri> </configuration>