400 Bad Request From Course with & in Course Id

[Joshua Swain]

I thought I would post here just in case there is something that can be done, though I don't think there is.

I have a client that has a course with an ampersand in the id (i.e. SH&GA).  When calling the courses endpoint I get a 400 Bad Request error.  Endpoint URL: /api/v5/courses/SH&GA

I tried encoding it also /api/v5/courses/SH%26GA and that still gives the same error.

When testing in Postman it appears the response is a .Net exception response ("A potentially dangerous Request.Path value was detected from the client (&)." error) because of the '&'.

I know I can get all the courses in the system directly, then use that, but would try to avoid that if possible.

I was hoping there might be a workaround to send the course id in the query or something instead that could get past the .Net security error.

Thanks for any help anyone can provide,

Josh

[Shawn Dean]

Did you find an answer for this?

[Joshua Swain]

I did not.  I checked today just to see, and the error still exists.  You could, in theory, get all the courses for the entire district, use your own data store, and then pull from there, but you can't get the single course with a "malformed" course id.  For our case, it was just one client, and one course, so we asked them to change it and they obliged.