I have been looking for a way to define my own errors in ASP.NET MVC4 using C#. For example, say I have a C# file where I encounter an exception. I would like to trigger the ASP.NET default error page and fill the title and description in with my own error.
To clarify, I am not looking to create a custom error page, as I already know how to do that. Instead, I want to trigger and display my own error message on the default ASP.NET error page. I would like to avoid throwing an exception and never catch it, as I feel that might be a corny way of making ASP.NET choke.
Can anyone show me how I can trigger the error page?
Thank you for your time.
You will get this by adding this into Global.asax file.
protected void Application_Error(object sender, EventArgs e)
{
var httpContext = ((MvcApplication)sender).Context;
var currentRouteData = RouteTable.Routes.GetRouteData(new HttpContextWrapper(httpContext));
}
You will get all the details in "currentRouteData" then you can do whatever you want to do with this errors.
Related
This question already has answers here:
How to get which page threw an exception to Application_error in aspx
(2 answers)
Closed 5 years ago.
If I have a page on my ASP.NET MVC site called
http://www.example.com/document/first
but someone tries to access
http://www.example.com/documents/first
http://www.example.com/first
The page will error and application_error will fire because it can't find a controller for documents. How do I get the error address in Application_error. I don't seem to get the whole raw url i.e. /documents/first
Before there's the suggestion of adding a route or a URL Rewrite, I don't want to do that because there can be tens of different possible error addresses.
I just want to know the web address of the missing page in the application_error.
After the application-error function has been called, it goes to the error page that I've set up in the web.config and that gets the URL and processes it accordingly but I want to do the processing in the global.asax so there's no redirecting involved.
try this one :
get exception in Application_Error method in Global.asax
protected void Application_Error(Object sender, EventArgs e)
{
try
{
var url = HttpContext.Current.Request.Url.OriginalString;
}
}
I am trying to move the content of a textbox on the from StudentRegistration to the form MyProfile by following a tutorial on YouTube. However when I try to reference the StudentRegitration Page in my code, I get the error that the type or namespace cannot be found.
In the tutorial I can see that in their code they have a namespace, however my website does not. Could anyone tell me what to do in order to be able to reference StudentRegistration without getting an error?
I should have stated that I have a website not a web app. I have found that websites do not have a default namespace. How would I go about accessing the StudentRegistration without referencing a namespace?
public partial class MyProfile : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (PreviousPage != null)
{
StudentRegistration LastPage = (StudentRegistration)Context.Handler;
lblEmail.Text = StudentRegistration.STextBoxEm;
}
}
}
Rather than answer your question directly, I'd like to point out another issue with your code that will probably prevent it from working. You should refer to the documentation on the PreviousPage property at: http://msdn.microsoft.com/en-us/library/system.web.ui.page.previouspage%28v=vs.110%29.aspx
It does NOT work like this:
user visits /StudentRegistration.aspx
user does stuff
user submits the form on /StudentRegistration.aspx
server redirects the user to /MyProfile.aspx
MyProfile class knows that PreviousPage = the class from /StudentRegistration.aspx
Instead, the description from the msdn reference page linked above stipulates that the PreviousPage property only works on this scenario:
user visits /StudentRegistration.aspx
user does some stuff
user submits form on /StudentRegistration.aspx
server transfers request to the MyProfile class
this does not mean that the url has changed to /MyProfile.aspx for the user, this means that the server is going to treat the current request to /StudentRegistration.aspx as if it were actually a request to /MyProfile.aspx
the user ends up seeing the result of what would normally be /MyProfile.aspx on /StudentRegistration.aspx
Now, your code may actually want that, but the fact that you have:
if (PreviousPage != null)
{
StudentRegistration LastPage = (StudentRegistration)Context.Handler;
// this should be
// StudentRegistration LastPage = (StudentRegistration)PreviousPage;
}
makes me think that you have misinterpreted the somewhat misleadingly named PreviousPage property. For a sample of how to persist state across multiple page loads in .NET, I would recommend reading up on SessionState. It has a somewhat complicated name, but does more of what you would want in this scenario:
http://msdn.microsoft.com/en-us/library/ms178581%28v=vs.100%29.aspx
An added bonus is that you do not need to reference one class from another, so you fix your current bug later on. Additionally, even if you did resolve your potential namespace error, the issue that I outlined earlier will cause the value of the text field to be blank if your code is working as I suspect.
You are sending data from a source to a target - e.g. StudentRegistration -> MyProfile
You have options because at the end of the day, it is HTTP. Aside from "persistence" (Session), and the tutorial you are following, a "simpler" way is to use ButtonPostBackUrl.
All it means is that you are POSTing data to the target page. The target page (MyProfile) will have to validate and parse the posted data (Request.Form). This way you don't have to manage things like Session state.
In my global I have the following code to handle when an error occurs
//[..] code goes here
Server.Transfer("~/Error.aspx?ErrorID=" + errorId);
It used to be a Response.Redirect which worked perfectly except that it changed the url (which is why I want to use Server.Transfer)
Unfortunately, now when it tries to load the Error page, it crashes on the Masterpage when it tries to refer to the Session
HttpException:
Session state can only be used when enableSessionState is set to true,
either in a configuration file or in the Page directive. Please also
make sure that System.Web.SessionStateModule or a custom session state
module is included in the \\
section in the application configuration.
I do have enableSessionState in both my config and my page.
I also found some links which suggest using Context.RewritePath - that just causes a blank page to load for me.
Using Response.Redirect works perfectly and as expected, so I assume Server.Transfer is the issue here. What is it?
EDIT Code:
protected void Application_Error(object sender, EventArgs e)
{
lock (_lockMe)
{
Exception ex = Server.GetLastError();
if (ex != null)
{
if (ex.InnerException != null)
ex = ex.InnerException;
ErrorLoggingManager.AddError(ex, new MembershipData(), ...); //etc
}
Server.ClearError();
//Some other database code for cleaning up some stuff when an error happens
}
try
{
if (Response != null)
{
//Get the last error logged
MyDataContext db = new MyDataContext();
int errorId = db.LoggedErrors.OrderByDescending(le => le.ErrorId).Select(le => le.ErrorId).FirstOrDefault();
Server.Transfer("~/Error.aspx?ErrorID=" + errorId);
}
}
catch (Exception)
{
}
}
As you have not posted much code. So without seeing the actual implementation you have done. I could suggest you below points.
Point 1. First of all, you need to check if SessionState is enabled for pages. You could set them globally in web.config file. Try the snippet given below in web.config
<configuration>
<system.web>
<pages enableSessionState="true" />
</system.web>
</configuration>
Point 2. And put your Redirection in Application_Error in Global.asax.
public void Application_Error(object sender, EventArgs e)
{
HttpApplication app = (HttpApplication)sender;
app.Server.Transfer("~/Error.aspx?ErrorID=" + errorId,true);
}
Point 3. Also check if your SessionStateis set properly in IIS too.
Details are on MSDN to enable sessionstate
Hope this helps..!!!
From what I understand, Server.Transfer sends the content of another page to the client rather than the requested content. If that is the case, then I am wondering if it does not have something to do with applying a master page to the error page? I had a similar error years ago with earlier technology and it turned out that the master page did not like what I was trying to do.
I hope this helps at least point to a solution.
Here's what the problem is:
If there is a page render exception (ex. "File Not Found") then Server.Transfer screws up the session. This has something to do with it being called during the page render.
As long as you are not appending headers before the error occurs, Response.Redirect will work just fine; if you are, however, using Response.AppendHeader then Response.Redirect will not work during a page render.
Try using HttpContext.Current.RewritePath instead. That should fix all these problems. For whatever reason, RewritePath() does not care that the page hasn't finished rendering.
why not just use customErrors in web.config to do the redirect?
<customErrors mode="Off" defaultRedirect="~/Common/Error.aspx">
<error statusCode="403" redirect="~/SM_AccessDenied.aspx" />
<error statusCode="404" redirect="~/Common/FileNotFound.aspx" />
</customErrors>
I had the same problem in a different context a while ago. I don't know if it is your case, but if you're using IIS7 on Windows 2008, in addition to setting enableSessionState=true in your web.config, you have to put your modules inside the <system.webServer> section, instead of <system.web>. Changing this little thing solved it for me.
Why don't you try like this:
The Server.Transfer method also has a second parameter—"preserveForm". If you set this to True, using a statement such as Server.Transfer("WebForm2.aspx", True), the existing query string and any form variables will still be available to the page you are transferring to.
So I think doing like this your session will not expire.
Server.Transfer("~/Error.aspx?ErrorID=" + errorId,True);
The error you are encountering is because you are using a query string parameter. Per the msdn docs
However, the path parameter must not contain a query string, or ASP returns an error.
http://msdn.microsoft.com/en-us/library/ms525800%28v=vs.90%29.aspx
Its about 3/4 of the way down the page just above Requirements.
Even though the docs here are mentioning asp. and not asp.net, keep in mind the session state is a feature of IIS and is handled before asp.net is ever called.
#user2110845 : I had faced similar problem few months ago. the problem was with having an underscore in the website name. We were deploying a website in IIS with two different host names(adding two entries through the 'Edit Bindings' option on the website). The host names provided were abc_ts, abc_is. When the underscore was removed then the session problem got resolved.
It seems there are certain characters not allowed in a website host name. Check if that is your problem.
I found the answer here : link (check 'update 2' in the article)
You don't mention what version of ASP.NET you are using, but there were some changes between 2.0 and 3.5 in how unhandled exceptions bubbled their way up through an ASP.NET web app and then IIS.
Among some other possibles, while you are clearing the error you are not setting Context.Response.TrySkipIisCustomErrors = true; While this particular flag could have nothing to do with your issue (and is only available for 3.5+), it also could help deal with what is potentially two error pages behind the scenes that are obscuring the real issue. Regardless, it'll save you a lot of grief (at least if you are running 3.5+) with other potential issues. Check out two posts I wrote several years back that may be helpful: while they don't cover session handling, they do cover the multiple song-and-dance routines I had to follow to get proper 500 and 404 handling in various versions of ASP.NET. It's possible you will run into something that will get you further ahead, if not all the way there.
http://www.andornot.com/blog/post/Errors-Sending-the-Right-Message-(Redux-Covering-ASPNET-3540).aspx
http://www.andornot.com/blog/post/Errors-Sending-the-Right-Message.aspx
Default, .NET has a security to deny user to input HTML text, ex: '<html>'. When submitting a form request which there is an input contains a HTML text, a yellow error page is displayed with error content "A potentially dangerous Request.Form value was detected from the client ...".
I have a question about this problem. Can I configure .NET set ModelState.IsValid = false instead of showing a yellow page? Or is there a solution to solve my problem? I hate yellow page and I want user to know the reason of error as "HTML text is forbidden on field name XXX"
Thanks.
You shouldn't allow your application display yellow pages at all. For this you should set customErrors mode to On in web.config: <customErrors mode="On" />
You could filter this exception in Global.asax and display the error page you want for this type of exception:
protected void Application_Error(object sender, EventArgs e)
{
Exception ex = Server.GetLastError();
if (HttpContext.Current.IsCustomErrorEnabled)
{
var controller = new ErrorController();
var routeData = new RouteData();
var action = "AccessDenied";
if(ex is HttpRequestValidationException)
{
action = "XSSError";
}
httpContext.ClearError();
httpContext.Response.Clear();
httpContext.Response.StatusCode = ex is HttpException ? ((HttpException)ex).GetHttpCode() : 500;
httpContext.Response.TrySkipIisCustomErrors = true;
routeData.Values["controller"] = "Error";
routeData.Values["action"] = action;
((IController)controller).Execute(new RequestContext(new HttpContextWrapper(httpContext), routeData));
}
}
For this you must have ErrorController and XSSError action
There is a lot of discussions here for this theme:
A potentially denegerous request form value
A potentially dengerous request path value
UPDATE:
ASP.NET Request Validation executes before the BeginRequest phase. Here no ModelState exists yet. Above I showed a way to configure asp.net to handle exception thrown by validation generally. In order to let you request with dangerous data go further - you need to turn off asp.net request validation (see links above how to do it) and validate your fields on your own in your action or custom binder.
Good question. The yellow page indicates application error (particularly unhandled exception of type HttpRequestValidationException) rather than model validation fail. Thus it's not possible to recover from it, unless you know there to put a try block. I guess it fails somethere in MVC's default validation handler, so unless you override it it's not possible to catch the exception. Unfortunatelly I'm not proficient with MVC enough to say how you can override default validation process.
However for most purposes it's enough to set [AllowHtml] to you data model property in question. After that, exception no longer will be thrown, and you are free to apply manual checks to your VM in controller and can set ModelState errors manually using:
ModelState.AddModelError("msg", "msg field contains html markup");
Problem
Currently, I'm looking to serve a custom 500 error page as well as log and alert a web master about the condition that was hit (What URL, stack trace, timestamp, etc.).
I tried defined custom http errors under system configuration, but the error pages were not hit.
I am able to handle 404s and their related errors (layoutnotfound).
Question
Should I intercept the context in global.asax to handle the 500 errors and return a custom page? Is there another way with Sitecore to achieve what I'm looking for?
Mainly, I'm looking for best practice of logging / alerts for 500 errors with Sitecore
Try using ELMAH.
Here is an article on using it with Sitecore.
Elmah is great and does a good job. You can also use log4net to log exceptions. All you do is add an application_error method in global.asax and you can track all the errors that occur. You can also add different appenders and can log messages in a log file, database and email them.
Here is the code that logs the error and includes some additional information like url and Current sitecore item:
private static readonly ILog log = LogManager.GetLogger(typeof(Global));
protected void Application_Error(object sender, EventArgs e)
{
if (Context != null)
{
Exception error = Context.Server.GetLastError().GetBaseException();
log.Fatal(
GetErrorMessage(), error);
}
}
private string GetErrorMessage()
{
StringBuilder sb = new StringBuilder();
sb.AppendLine("Application_Error: Unhandled exception has been occured.");
try
{
sb.AppendLine("Current Request: " + Context.Request.RawUrl);
Sitecore.Data.Items.Item currentItem = Sitecore.Context.Item;
if (currentItem != null)
sb.AppendLine(String.Format("Current Item ({0}): {1}", currentItem.ID, currentItem.Paths.FullPath));
if (Sitecore.Context.Database != null)
sb.AppendLine("Current Database: " + Sitecore.Context.Database.Name);
}
catch { } // in no way should we prevent the site from logging the error
return sb.ToString();
}
If you want an easy solution I would recommend going with Elmah. If you want to have more control and more logging options you should go with a custom log4net solution.
I tried defined custom http errors
under system configuration, but the
error pages were not hit. I am able to
handle 404s and their related errors
(layoutnotfound).
On that particular point...Be aware that custom errors behave differently when accessed locally. Also, by default you need to use physical files (not sitecore pages) for these pages. You need be aware of IIS behaviour when returning status codes over 200 and how it is dependant on the configuration within web.config and (if running in integrated mode) the section. In particular, see the flow chart half way down the first link below.
http://learn.iis.net/page.aspx/267/how-to-use-http-detailed-errors-in-iis-70/
http://www.iis.net/ConfigReference/system.webServer/httpErrors
http://msdn.microsoft.com/en-us/library/ms689487(v=VS.90).aspx
You might also want to change the RequestErrors.UseServerSideRedirect setting to "true" to provide better http responses without redirects.