Jan 16, 2009 02:42 PM|gunteman|LINK
Is there a setting somewhere I can toggle ON for the .NET to start accepting the encoded ampersand in the url?
The VerificationCompatibility value is that toggle.
Maybe you're running on a 64-bit server? In that case you should set the value in HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ASP.NET\
It's not an encoding issue or related to XML (ASP.NET is not based on XML, really [:)]), it's just one of those extra security measures that Microsoft has put in, since evil URLs have often been used as an attack vector.
From what I've seen, you should avoid ampersands, colons and percent signs.
You could perhaps just replace "&" with "and", and if you still want your files to be named with "&", you could use URL rewriting (in ASP.NET, not in IIS) to handle that. Or the exact opposite, perform the rewriting in IIS (using an ISAPI filter) before
it reaches ASP.NET.