Vulnerability in EPiServer.Forms
Hi, We are having issues with image file names having special characters like '+' . e.g:
Requests like <httpprotocol>://upload/FirstName+LastName.jpg throws 404 error. Where as the ones like <httpprotocol>:/upload/FirstName.jpg work fine.
We are using EPiServer VirtualPathNativeProvider and the site is built on CMS 6 R2. We tried setting IllegalCharactersRegEx for the virtualpath (episerver.config), but it doesnt work. Am I missing any configuration? Any suggestions would be really helpful.
Did you find any answer to this?
We are having the same issue. It seems you can't use '+' when you rename the file in the file manager but since we import images as commerce assets from InRiver it can have '+' and '%' but then we get an 404 when we try to open the image.
Have you tried using the encoded URL for these references, for instance "[path]/FirstName%2BLastname"?