Cd C:\Windows\System32\inetsrv
appcmd set config "Default Web Site" /section:system.webserver/Security/requestFiltering -allowDoubleEscaping:True