In previous versions of ASP.NET, URLs were limited to 260 characters in length (based on the NTFS file-path limit). But in ASP.NET 4.0 developers have the option of increasing or decreasing the length of URLs by using the new maxRequestPathLength and maxQueryStringLength.
maxRequestPathLength - To allow longer or shorter paths (the portion of the URL that does not include protocol, server name, and query string), modify the maxRequestPathLength attribute.
maxQueryStringLength - To allow longer or shorter query strings, modify the value of the maxQueryStringLength attribute.
<httpRuntime maxRequestPathLength="360" maxQueryStringLength="1024" />
ASP.NET 4 also enables you to configure the characters that are used by the URL character check. When ASP.NET finds an invalid character in the path portion of a URL, it rejects the request and issues an HTTP 400 error. In previous versions of ASP.NET, the URL character checks were limited to a fixed set of characters. In ASP.NET 4, you can customize the set of valid characters using the new requestPathInvalidChars attribute of the httpRuntime configuration element, as shown in the following example:
<httpRuntime requestPathInvalidChars="<,>,*,%,&,:,\,?" />
By default, the requestPathInvalidChars attribute defines eight characters as invalid. (In the string that is assigned to requestPathInvalidChars by default, the less than (<), greater than (>), and ampersand (&) characters are encoded, because the Web.config file is an XML file.) You can customize the set of invalid characters as needed.