Hi @Liangjun Hu,
The asp.net core built-in validation doesn't automatically reject the requests containing potentially dangerous content in the query string. For your issue, I guess you have some specific custom middleware which contains the validation.
To solve this issue, I suggest you could consider creating a custom middleware to use the htmlencode method to encode the query to avoid the validation.
More details, you could refer to below codes:
Create a middleware and put it at first like below:
...
var app = builder.Build();
app.Use(async (context, next) =>
{
var query = context.Request.QueryString;
var encodestring = System.Web.HttpUtility.HtmlEncode(query);
context.Request.QueryString = new QueryString($"{encodestring}");
await next(context);
});
...
Result:
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.