We are developing a web application using EPiServer 7.5 MVC.
During the testing phase, we have discovered that when an editor publishes a page with a long URL we receive an error detailed below:
"The specified path, file name, or both are too long. The fully qualified file name must be less than 260 characters, and the directory name must be less than 248 characters."
If the URL is shortened, the error doesn't appear.
One of the suggested fixes for this is to set 'relaxedUrlToFileSystemMapping' in the web.config to true. This does work, however, I am unsure of the impact of this and what the security risks are by enabling this within a web application.
Firstly, is the 'relaxedUrlToFileSystemMapping' fix a recommended approach? Has anyone implemented anything different to get around this issue?
Thanks
Scott Hanselman (Microsoft employee, ASP.NET and Azure teams I believe) discusses it a little bit. He describes it as "turning a safety off". He doesn't go into specific implications though.
It looks like he's suggesting an alternative, if the Query String is the part that's too long:
<httpruntime maxquerystringlength="2048" maxrequestpathlength="260"></httpruntime>
However, I recommend you make it so you don't need a ridiculously long URL in the first place. They should be short and easy to type, or "hackable".