Our application needs to use URLs similar to http://localhost/requesthandler/api/v2/data/C0%252F37332%257CCollectionc as part of its REST API. We've been developing for 9+ months with Apache on our development servers and now for our customers we prefer to use IIS.
I've gone through and set RequestFiltering for allowDoubleEscaping=true everywhere using the IIS manager dialog and verified in the config files. When that didn't work, I followed the suggestion of removing the RequestFiltering module.
With or without the RequestFiltering module, I get:
[HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (%).]
System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +12353279
System.Web.PipelineStepManager.ValidateHelper(HttpContext context) +166
I haven't been able to make any sense of the Failed Request Trace except that it seems to indicate a failure in authentication but it then seems to continue processing by redirection to the Wildfly isapi filter but we have nothing in wildfly or application logs to indicate the request arrived.
We are running IIS 8.5 and using the Wildfly ISAPI-filter to use Wildfly 9 applications to process the requests. (Note ... Wildfly works fine when the sever is Apache 2.4)
How do we get IIS to allow double escaping?