You can use setting in web.config:
<requestFiltering allowDoubleEscaping="true" />
but it will create some security problems because this makes your site more vulnerable to malicious URLs.
What I suggest, either you use another encryption algorithm that doesn't generate these "IIS" sensitive characters, or if you wanna use the above workaround, you need to implement proper URL/User-Input validations in order to make sure that you catch and prevent all suspicious entries.
Posted On: 07-Mar-2019 04:43