I’m getting quite a few .NET exceptions in my logs as a result of social media sites requesting images I’ve designated using open graph, etc. I believe these particular requests are coming from Facebook, and what they’re doing is requesting specific images but appending &cfs=1 to the end (i.e. “wide-receiver-rankings.jpg&cfs=1”).
I assume that the exception must be causing a problem when someone is sharing my content, but I’m not sure how to avoid the .NET exception and serve the image properly. Here is a sample exception:
Exception information:
Exception type: System.Web.HttpException
Exception message: A potentially dangerous Request.Path value was detected from the client (&).
Thanks. I was able to remove ‘&’ from the list of invalid characters, and through this I was able to get past the ‘dangerous Request.Path’ error.
requestPathInvalidCharacters="<,>,*,%,:,\\"
However, now the ASP.net engine just thinks that the URL is pointing to a non-existent resource (presumably because it thinks the ‘&cfs=1’ is part of the file name). Is there a way at this point to strip-off the trailing characters and just serve the image? This will deprive whatever application is requesting the resource of the URL parameters, but at least it won’t get an exception. I’m not sure if this is a better solution or not.
Is there any way to determine where these requests are coming from? I can’t find much information on the url variables I’m seeing but what little I did find seems to hint that it’s coming from Facebook.