[Bug]: A potentially dangerous Request.Path value was detected from the client (:)

[mannesandeep]

Is there an existing issue for this?

• I have searched the existing issues

What happened?

Added an Iframe to the page in HTML Editor, while loading the iframe DotNetNuke is logging the error "A potentially Dangerous Request.Path value was detected from the client.
Tried removing the ":" under requestPathInvalidCharacters. But no luck

Steps to reproduce?

1. Login as Admin to the website
2. create a page and add an HTML Editor
3. Add Iframe code in the Editor and save
4. While loading the iframe the error is logged in the system.

Current Behavior

No response

Expected Behavior

It should read the iframe Origin url

Relevant log output

2024-07-01 06:43:14, 390 [Thread:43][FATAL] DotNetNuke.Web.Common.Internal.DotNetNukeHttpApplication - System.Web.HttpException (0x80004005) : A potentially dangerous Request.Path value was detected from the client (:).
at system.web.httprequest.ValidateInputIfRequiredByconfig()
at system.web.httpapplication.PipelineStepManager.ValidateHelper (httpcontext context)

Anything else?

No response

Affected Versions

9.13.3 (latest release)

What browsers are you seeing the problem on?

Chrome

Code of Conduct

• I agree to follow this project's Code of Conduct

[mitchelsellers]

What exact content are you placing? I know many that add frame content in without issue.

Is the error after the content is saved or when trying to save?

[mannesandeep]

The issue is appearing at the time of iframe loading.

[valadas]

I am sorry but we can't really be of any help unless we are able to make it happen, we need the actual iframe code that can make this fail.

If you can add an example for us to completely be able to reproduce a failing scenario, I'll be happy to re-open this issue.