Posted by Barry Dorrans on Dec 04

I believe that’s the asp.net error page you’re seeing (Was it yellow?)

That exception is from Request Validation (which we don’t consider a security boundary any more, and we advise folks to
validate themselves, as validation is context specific).

You’re seeing the dev error page, which by default is only shown if you’re accessing via //localhost. Developers can
override that setting to always show the default…