Can't pass in “%26” to a WebGet UriTemplate variable in a WCF service?

Question

I have a WCF service with this declared operation:

[WebGet(UriTemplate = "Test/{*testString}")]
public String Test(String testString)
{
    return testString;
}

However when attempting to invoke the URL Test/You%26Me, IIS returns an error:

A potentially dangerous Request.Path value was detected from the client (&).

My goal is to allow an ampersand in the URI via its URL-Encoding: %26

The wildcard did not help. Is there any way to prevent this error without disabling security features?

Answer 1

Try using RequestPathInvalidCharacters configuration property in Web.config avoiding used characters as follows:

<system.web>
   <httpRuntime requestPathInvalidCharacters="<,>,*,:,\\" />
</system.web>