Ajax error 500 when using special characters in a query
Ajax error 500 when using special characters in a query
Symptoms
When performing a query using special characters in a Coveo-powered search page, your browser console displays an error like the following:
Uncaught (in promise) e {message: "Request Error", status: 500, type: "Ajax Error (status: 500)", name: "Ajax Error (status: 500)"}
Notably, using <
, >
, or #
in a search query renders the search page ineffective, even after clearing the search box.
Cause
ASP.NET validates any incoming request by looking for potentially dangerous characters, such as <
, >
, and #
.
The query is then stored in the browser local storage __coveo.analytics.history
key.
Every subsequent query will use this value as actionsHistory
in its call headers.
This is why subsequent queries can continue to trigger the error, even if the user cleans the search box.
Workaround
You can disable the special character validation on requests executed under /coveo/rest
.
-
Open the
<SITECORE_INSTANCE_ROOT>\web.config
file in a text editor. -
Locate the
<system.web>
element.<system.web> <!-- If requestValidationMode attribute of httRuntime node is set to 2.0, Sitecore requires this setting to be set to "false" for Sitecore client to work and it shouldn't be changed. You can however set ValidateRequest attribute in the @Page directive to "true" for your layout .aspx files. -->
-
Just ahead of the
<system.web>
element, add the<location path="coveo/rest">
element shown below.<location path="coveo/rest"> <system.web> <httpRuntime requestValidationMode="2.0" requestPathInvalidCharacters="" /> </system.web> </location> <system.web> <!-- If requestValidationMode attribute of httRuntime node is set to 2.0, Sitecore requires this setting to be set to "false" for Sitecore client to work and it shouldn't be changed. You can however set ValidateRequest attribute in the @Page directive to "true" for your layout .aspx files. -->
-
Save your changes.