This is related to a previous (unanswered) issue I've had with trying to catch request errors in the Global.asax, but it now appears to be more widespread.
The URL redirect feature in IIS7 will not handle URLs which both end in .aspx and contain a colon anywhere in the url. Rather than follow its own redirect rules, IIS7 treats .aspx pages differently to others, and throws
[NotSupportedException: The given path's format is not supported.]
Has anyone else encountered this issue?
Possibly IIS is treating the colon as if it should precede a port number (http://mysite.com:12345) or some other invocation to an IIS- or OS-level command. So, it may be suspicious of some kind of code injection.
You might try this thread: http://stackoverflow.com/questions/3342443/why-is-using-a-url-containing-a-colon-considered-as-a-potentially-dangerous-requ .
Hanselman also had an interesting bit up about url rewriting black magic - check the middle of the article for more on the colon character. http://www.hanselman.com/blog/ExperimentsInWackinessAllowingPercentsAnglebracketsAndOtherNaughtyThingsInTheASPNETIISRequestURL.aspx