A potentially dangerous Request.Path value was detected from the client

Unencoded: <script>alert('XSS')</script>


Result of URL-encoding once: %3Cscript%3Ealert('XSS')%3C%2Fscript%3E

http://localhost:25665/MvcExample/%3Cscript%3Ealert('XSS')%3C/script%3E

A potentially dangerous Request.Path value was detected from the client (<).
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (<).

Result of URL-encoding twice: %253Cscript%253Ealert(%27XSS%27)%253C%252Fscript%253E

http://localhost:25665/MvcExample/%253Cscript%253Ealert(%27XSS%27)%253C%252Fscript%253E

HTTP Error 404.11 - Not Found
The request filtering module is configured to deny a request that contains a double escape sequence.
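
The two rejections above, modeled as an added example (not code from the original post): a simplified Python sketch of the IIS double-escape check followed by ASP.NET's Request.Path character check. It assumes the ASP.NET 4.x default requestPathInvalidCharacters list and that IIS compares the once-decoded path with the twice-decoded path; the function names are hypothetical.

```python
from urllib.parse import unquote

# Assumption: default <httpRuntime requestPathInvalidCharacters> in ASP.NET 4.x
# is  <,>,*,%,&,:,\,?
ASPNET_INVALID_PATH_CHARS = set('<>*%&:\\?')


def has_double_escape(raw_path):
    """Model of IIS request filtering with allowDoubleEscaping=false:
    reject when decoding a second time still changes the path."""
    once = unquote(raw_path)
    twice = unquote(once)
    return once != twice


def first_invalid_char(raw_path):
    """Model of ASP.NET path validation: look for a disallowed
    character in the decoded path and return the first one found."""
    for ch in unquote(raw_path):
        if ch in ASPNET_INVALID_PATH_CHARS:
            return ch
    return None


def classify(raw_path):
    """IIS request filtering runs first, then ASP.NET validation."""
    if has_double_escape(raw_path):
        return "IIS 404.11: double escape sequence"
    bad = first_invalid_char(raw_path)
    if bad is not None:
        return "ASP.NET: potentially dangerous Request.Path (%s)" % bad
    return "passed"


# Paths taken from the two URLs on this page, plus one benign constructed path.
SINGLE = "/MvcExample/%3Cscript%3Ealert('XSS')%3C/script%3E"
DOUBLE = "/MvcExample/%253Cscript%253Ealert(%27XSS%27)%253C%252Fscript%253E"
BENIGN = "/MvcExample/Index"

if __name__ == "__main__":
    for path in (SINGLE, DOUBLE, BENIGN):
        print(path, "->", classify(path))
```

The single-encoded path passes the IIS check because a second decode changes nothing, so it reaches ASP.NET and fails on `<`; the double-encoded path never reaches ASP.NET.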

https://owasp.org/www-community/Double_Encoding

Original article: https://www.cnblogs.com/chucklu/p/12762850.html