I have just updated one of our development portals from 10.3.1 to 10.4. The portal comes up OK, but when trying to switch between top menu items, the following error is thrown in Internet Explorer 11:
A potentially dangerous Request.Path value was detected from the client (:).
We are running our portal (and IIS-based web adaptor) on Windows Server 2012 R2. Some research indicated that ESRI moved to .NET 4.x at this release, which has more secure request validation in ASP.NET.
The good news is that this error only affects IE configurations that have Compatibility View enabled. The bad news is that many organizations (including ours) have this turned on by default for intranet applications needing earlier versions of IE. I have logged an ESRI case on this, but if anyone experiences this error, turning Compatibility View off is the workaround.
Thanks for this... I am about to bring up our 10.4 dev Portal and of course like any big org, we have to have computability view turned on.
I wonder if there is anyway in IIS to lower the security or tweak a setting to avoid the error?
hi , same problem have and when is not in compatibility setting but is with this situation
portal is 10.4
added to domain
installed and using web adaptor
turned on Active Directory Authentication
SSL certificate ( with certificate authority ) and name is FQDN
and when we add the url of portal to local intranet ( with FQDN and without FQDN)
when open home of portal is ok but when click in top Navigation menu show same error.
we show the link in url is appended .
example we are in home tab and click on gallery the resuts is error and url is example modified:
when using only direct links working.
when removing from local intranet site working without this problem.
we tested to add separately and in trusted sites and local intranet - same results.
We think the problem is in the code of Top Navigation Menu buttons , because inside not showed this problems.
example when we are in map viewer ( in portal ) and using in top menu not have this problem all work
BTW - we have had all sorts of bizzare issues with IE when running in compatbility mode.
Most were related to moving between menu items.
Doubled up URLs (it would show the selected menu item path and then prepend the home path)
And other odd things.
I was told by Esri that:
Compatibility mode was introduced at IE8, and essentially tells your browser to treat web sites as if it was using IE7. Portal for ArcGIS does not support IE7.
For the best performance in the portal website, use the latest browser versions listed below. The scene viewer has its own browser and hardware requirements. Some of the common clients of Portal for ArcGIS have different requirements. See their documentation for details.
• Microsoft Internet Explorer 9 and higher.
• Microsoft Edge
• Mozilla Firefox (version 10 or later)
• Google Chrome (version 10 or later)
• iOS Safari
• Android Browser
• Chrome for Android
Yep, it's not optimal to have to turn off compatibility mode but there it is. Ongoing browser wars, what can you do.
I tested with IE11 version 11.0.29 - Doubled up URLs.
Google Chrome browser - all is correct
The problem with Doubled up URLs is with IE + local intranet.
when add compatibility mode not have other effects in my current configuration
You might try upgrading IE? My version is 11.0.96.
Are you running in Enterprise mode?
I can't recall for sure, but I think the URL doubling at times appeared to be related to the security settings.
Try toggling these settings?
"Allow access to the Portal through HTTPS only"
"Allow anonymous access to your Portal"
I just checked some notes and for us, the doubling went away when we removed the compatibility setting.
This meant removing our domain and unchecking the intranet box on the compatibility setting dialogue box.
I do now that on the servers themselves, I had to mess with the security settings in IE to get things to work correctly.
That was not a doubling thing though.
Are you using a CA or a self-signed cert?
How about the AGS setup?
FWIW - We're on HTTPS only on Portal and on ArGIS Server.
I also recall that in IIS I had to set the SSL Settings to ignore Client certificates.
However, this was related to a 403 permissions error when trying to get to Portal home page.