I have the following link inside my asp.net mvc web application :-
<a href="~/App_Data/uploads/38.png" rel="nofollow noreferrer noopener">@Model.Name</a>
But when I click on this link, I get the following error :
HTTP Error 404.8 – Not Found
The request filtering module is configured to deny a path in the URL that contains a hiddenSegment section.
So what is causing this problem , and how I can solve it ?
Thanks
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
Create a Controller (e.g. “Streamer”) and Action (e.g. “StreamUploadedImage”) that streams the image (the Action will typically return a FileResult).
Change the url to reference your action, passing the image id as a parameter, e.g. (from memory so syntax may not be accurate):
@Html.ActionLink(Model.Name, "StreamUploadedImage", "Streamer", new {id = "38" })
An alternative would be to put the uploaded image in a location where it can be accessed from the client, e.g. in a subfolder of the Content folder:
<a href="~/Content/uploads/38.png" rel="nofollow noreferrer noopener">@Model.Name</a>
But using a controller gives you more control, e.g. to implement authorization.
Method 2
The path is blocked by your IIS. To resolve, move the files to an other location (“~/Uploads/Images/” perhaps?).
The reason why IIS is blocking some folders is beacause they can contain importent data or files, which the user should not have access to. To avoid hackers from getting this information, the IIS is denying access to any of the files in those folders.
For more information: http://www.iis.net/configreference/system.webserver/security/requestfiltering/hiddensegments
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0