Browser seems to ignore caching headers - c#

When an image is requested to my ASP.NET application, my C# code responds with the binary data in addition to the following headers (as capture in Fiddler):
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: image/jpeg
Expires: Fri, 06 Sep 2013 21:43:21 GMT
Last-Modified: Wed, 04 Sep 2013 22:21:27 GMT
ETag: "0x8D0770B10F6F56D"
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 06 Sep 2013 21:13:23 GMT
Content-Length: 39007
My expectation is that the browser will cache this image until at least 21:43 GMT (which is 30 minutes from now) but that's not what happens. When I press F5, my browser sends another request for the image to my ASP.NET application.
What is missing from my headers to ensure the file is properly cached?

Related

Why is my protected HTTP triggered Azure Function App sometimes returning a 401 status code?

Context
I have several micro-services spread across multiple HTTP triggered Function Apps running in a Consumption Plan on Linux and, up until recently, all the Function App instances were using AuthenticalLevel set to Anonymous.
Now, I have switched the AuthenticalLevel to Function and created Function App keys. Of course, all the clients use the x-functions-key header with the correct key.
It works most of the time.
Problem
However, if I call a function in one of the Function Apps that has not been called in a while, I get an HTTP status code of 401 - Unauthorized and the functions in my Function Apps are not triggered.
Now, the weird part is that if I restart the Function App, it works again.
Investigation
I had a hard time finding any clues about what was going on because every time I started logging, it worked again. I left one of my application insights log window opened for a while and I have been able to get the following trace in one of the Function App that started to fail:
[Information] Executing StatusCodeResult, setting HTTP status code 401
I do not know what the error means and upon search, I have found the error mentioned on Github in the following comment:
If you get 401 Unauthorized, find the file function.json, change
authLevel to anonymous if it is set to function(default value in
template). We can't access http trigger in a local container with
authlevel other than anonymous. Because we don't have function keys
yet, which are available after we create a Function app using the
container.
I am not using container (at least not explicitly) so I am worrying that the issue I am facing is out my area of expertise.
Question
Why is the 401 code returned knowing the key used in the header is correct? Is it possible to protect my Function Apps running in a Consumption Plan on Linux using a Function Key?
Logs
Here are more logs starting at the time the request is received by the function host:
[Verbose] Request successfully matched the route with name 'v1-get-account' and template 'api/v1/accounts'
[Information] Request [37760fe9-e2cb-4555-b053-09fc7e294d41] HEAD https://<function_app_dedicated_storage>.blob.core.windows.net/azure-webjobs-secrets/<function_app_name>/host.json
x-ms-version:2021-08-06
Accept:application/xml
x-ms-client-request-id:37760fe9-e2cb-4555-b053-09fc7e294d41
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Storage.Blobs/12.13.0,(.NET 6.0.6; Linux 5.10.102.2-microsoft-standard #1 SMP Mon Mar 7 17:36:34 UTC 2022)
x-ms-date:Sun, 25 Dec 2022 16:16:36 GMT
Authorization:REDACTED
client assembly: Azure.Storage.Blobs
[Information] Response [37760fe9-e2cb-4555-b053-09fc7e294d41] 200 OK (00.0s)
Accept-Ranges:bytes
ETag:"0x8DACA94982533A3"
Server:Windows-Azure-Blob/1.0,Microsoft-HTTPAPI/2.0
x-ms-request-id:e0db0aa4-801e-00a6-2d7c-18269c000000
x-ms-client-request-id:37760fe9-e2cb-4555-b053-09fc7e294d41
x-ms-version:2021-08-06
x-ms-creation-time:Fri, 12 Aug 2022 23:37:07 GMT
x-ms-lease-status:unlocked
x-ms-lease-state:available
x-ms-blob-type:BlockBlob
x-ms-server-encrypted:true
x-ms-access-tier:Hot
x-ms-access-tier-inferred:true
Date:Sun, 25 Dec 2022 16:16:35 GMT
Content-Length:1109
Content-Type:application/octet-stream
Content-MD5:LuFKWHapYzSmnjxmromAuw==
Last-Modified:Sun, 20 Nov 2022 01:14:38 GMT
[Information] Request [9fe0455e-4e3e-497e-8b1f-a13128d8920c] GET https://<function_app_dedicated_storage>.blob.core.windows.net/azure-webjobs-secrets/<function_app_name>/host.json
x-ms-version:2021-08-06
Accept:application/xml
x-ms-client-request-id:9fe0455e-4e3e-497e-8b1f-a13128d8920c
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Storage.Blobs/12.13.0,(.NET 6.0.6; Linux 5.10.102.2-microsoft-standard #1 SMP Mon Mar 7 17:36:34 UTC 2022)
x-ms-date:Sun, 25 Dec 2022 16:16:36 GMT
Authorization:REDACTED
client assembly: Azure.Storage.Blobs
[Information] Response [9fe0455e-4e3e-497e-8b1f-a13128d8920c] 200 OK (00.0s)
Accept-Ranges:bytes
ETag:"0x8DACA94982533A3"
Server:Windows-Azure-Blob/1.0,Microsoft-HTTPAPI/2.0
x-ms-request-id:e0db0aa9-801e-00a6-317c-18269c000000
x-ms-client-request-id:9fe0455e-4e3e-497e-8b1f-a13128d8920c
x-ms-version:2021-08-06
x-ms-creation-time:Fri, 12 Aug 2022 23:37:07 GMT
x-ms-lease-status:unlocked
x-ms-lease-state:available
x-ms-blob-type:BlockBlob
x-ms-server-encrypted:true
Date:Sun, 25 Dec 2022 16:16:35 GMT
Content-Length:1109
Content-Type:application/octet-stream
Content-MD5:LuFKWHapYzSmnjxmromAuw==
Last-Modified:Sun, 20 Nov 2022 01:14:38 GMT
[Information] Request [532132a5-3186-4397-b913-08a0d8a8bb55] HEAD https://<function_app_dedicated_storage>.blob.core.windows.net/azure-webjobs-secrets/<function_app_name>/v1-get-account.json
x-ms-version:2021-08-06
Accept:application/xml
x-ms-client-request-id:532132a5-3186-4397-b913-08a0d8a8bb55
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Storage.Blobs/12.13.0,(.NET 6.0.6; Linux 5.10.102.2-microsoft-standard #1 SMP Mon Mar 7 17:36:34 UTC 2022)
x-ms-date:Sun, 25 Dec 2022 16:16:36 GMT
Authorization:REDACTED
client assembly: Azure.Storage.Blobs
[Information] Response [532132a5-3186-4397-b913-08a0d8a8bb55] 200 OK (00.0s)
Accept-Ranges:bytes
ETag:"0x8DA7CBB927ADEE5"
Server:Windows-Azure-Blob/1.0,Microsoft-HTTPAPI/2.0
x-ms-request-id:e0db0aac-801e-00a6-347c-18269c000000
x-ms-client-request-id:532132a5-3186-4397-b913-08a0d8a8bb55
x-ms-version:2021-08-06
x-ms-creation-time:Fri, 12 Aug 2022 23:37:08 GMT
x-ms-lease-status:unlocked
x-ms-lease-state:available
x-ms-blob-type:BlockBlob
x-ms-server-encrypted:true
x-ms-access-tier:Hot
x-ms-access-tier-inferred:true
Date:Sun, 25 Dec 2022 16:16:35 GMT
Content-Length:519
Content-Type:application/octet-stream
Last-Modified:Fri, 12 Aug 2022 23:37:08 GMT
[Information] Request [208dd98f-c802-4ea2-85eb-525716290cc4] GET https://<function_app_dedicated_storage>.blob.core.windows.net/azure-webjobs-secrets/<function_app_name>/v1-get-account.json
x-ms-version:2021-08-06
Accept:application/xml
x-ms-client-request-id:208dd98f-c802-4ea2-85eb-525716290cc4
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Storage.Blobs/12.13.0,(.NET 6.0.6; Linux 5.10.102.2-microsoft-standard #1 SMP Mon Mar 7 17:36:34 UTC 2022)
x-ms-date:Sun, 25 Dec 2022 16:16:36 GMT
Authorization:REDACTED
client assembly: Azure.Storage.Blobs
[Information] Response [208dd98f-c802-4ea2-85eb-525716290cc4] 200 OK (00.0s)
Accept-Ranges:bytes
ETag:"0x8DA7CBB927ADEE5"
Server:Windows-Azure-Blob/1.0,Microsoft-HTTPAPI/2.0
x-ms-request-id:e0db0ab0-801e-00a6-377c-18269c000000
x-ms-client-request-id:208dd98f-c802-4ea2-85eb-525716290cc4
x-ms-version:2021-08-06
x-ms-creation-time:Fri, 12 Aug 2022 23:37:08 GMT
x-ms-lease-status:unlocked
x-ms-lease-state:available
x-ms-blob-type:BlockBlob
x-ms-server-encrypted:true
Date:Sun, 25 Dec 2022 16:16:35 GMT
Content-Length:519
Content-Type:application/octet-stream
Last-Modified:Fri, 12 Aug 2022 23:37:08 GMT
[Information] Executing StatusCodeResult, setting HTTP status code 401

Why is HttpClient authentication behaving differently between .Net Framework 4.6.2 and .Net Core 5?

I have the same code as below targeting .Net Framework 4.6.2 and .Net Core 5 but seems to yield different authentication behavior.
The .Net Framework version works fine with WWW-Authenticate: Negotiate but the same code fails with the .Net Core version.
Here's the code snippet that I'm using for both.
var server = "https://www.example.com";
var client = new HttpClient(new HttpClientHandler { UseDefaultCredentials = true }) { BaseAddress = new Uri(server) };
var response = await client.GetAsync("/api/token");
var result = response.Content.ReadAsStringAsync().Result;
Console.WriteLine(result);
And here's the entire failure response.
StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
{
Cache-Control: no-cache
Pragma: no-cache
WWW-Authenticate: Negotiate
X-Powered-By: ASP.NET
Date: Fri, 02 Jul 2021 08:30:51 GMT
Content-Type: application/json; charset=utf-8
Expires: -1
Content-Length: 68
}
Is there anything else I missed in the .Net Core version?

Blazor Windows Authentication on Kestrel works locally only? An anonymous request was received in between authentication handshake requests

I created a Blazor application with Windows authentication and hosting with Kestrel/Negotiate following the steps. (https://learn.microsoft.com/en-us/aspnet/core/security/authentication/windowsauth?view=aspnetcore-3.0&tabs=visual-studio#kestrel)
Create Blazor app with Windows Authentication
Create a Blazor application using Visual Studio 2019 (16.4.0). (Windows Authentication, https)
Support Windows Authentication using Negotiate and Kerberos
Following the steps to make all work when running using Kestrel.
Import NuGet package Microsoft.AspNetCore.Authentication.Negotiate
Add the following code in ConfigureService() in Startup.cs.
services.AddAuthentication(NegotiateDefaults.AuthenticationScheme).AddNegotiate();
Add the following code in Configure() in Startup.cs. They are added between app.UseRouting(); and app.UseEndpoints(...;
app.UseAuthentication();
app.UseAuthorization();
Windows Authentication not working. Add middleware ValidateAuthentication
It still doesn't work with Windows Authentication until the answer from this question is applied.
Add this in your Configure method:
app.UseMiddleware<ValidateAuthentication>();
Here is the middleware itself:
internal class ValidateAuthentication : IMiddleware
{
public async Task InvokeAsync(HttpContext context, RequestDelegate next)
{
if (context.User.Identity.IsAuthenticated)
await next(context);
else
await context.ChallengeAsync();
}
}
And in ConfigureServices :
services.AddSingleton<ValidateAuthentication>();
Now it works on the local PC.
And the following code is added to CreateHostBuilder() in Program.cs for remotely.
webBuilder.UseUrls(new string[] { "https://*:5001", "http://*:5000" });
Not work on another computer!
However, it pops up a window for the user name/password (it's Windows authentication and shouldn't ask for it again) and gets the following error on my company computer.
When trying at home PCs, it just shows the following message without popup window for username/password.
The output window shows
Request starting HTTP/1.1 GET https://mymachinename:5001/
info: Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler[0]
None
info: Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler[1]
Incomplete Negotiate handshake, sending an additional 401 Negotiate challenge.
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 5.3618ms 401
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/1.1 POST https://MyMachineName:5001/_blazor?id=5PKkHuIU8OTq2i8tGbkP0A text/plain;charset=UTF-8 3
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
Executing endpoint '/_blazor'
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
Executed endpoint '/_blazor'
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 5.6983ms 200 text/plain
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/1.1 POST https://MyMachineName:5001/_blazor?id=5PKkHuIU8OTq2i8tGbkP0A text/plain;charset=UTF-8 3
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
Executing endpoint '/_blazor'
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
Executed endpoint '/_blazor'
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 5.331ms 200 text/plain
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/1.1 GET https://MyMachineName:5001/
fail: Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler[5]
An exception occurred while processing the authentication request.
System.InvalidOperationException: An anonymous request was received in between authentication handshake requests.
at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync()
fail: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware[1]
An unhandled exception has occurred while executing the request.
System.InvalidOperationException: An anonymous request was received in between authentication handshake requests.
at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 80.1697ms 500 text/html; charset=utf-8
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/1.1 POST https://MyMachineName:5001/_blazor?id=5PKkHuIU8OTq2i8tGbkP0A text/plain;charset=UTF-8 3
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
Executing endpoint '/_blazor'
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
Executed endpoint '/_blazor'
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 11.6024ms 200 text/plain
info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
Executed endpoint '/_blazor'
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/1.1 POST https://MyMachineName:5001/_blazor?id=5PKkHuIU8OTq2i8tGbkP0A text/plain;charset=UTF-8 3
I got the prompt when capturing the network traffice
Session #13: The server (us005) presented a certificate that did not validate, due to RemoteCertificateNameMismatch, RemoteCertificateChainErrors.
0 - A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
SAN: localhost
SUBJECT: CN=localhost
ISSUER: CN=localhost
This warning can be disabled by clicking Tools > Options.
It asks for username/password after I chose ignore the warning. Why it asks for username/password?
The sessions before popup the username/password:
GET https://us005:8091/ HTTP/1.1
Host: us005:8091
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
HTTP/1.1 401 Unauthorized
Date: Fri, 06 Dec 2019 23:11:38 GMT
Server: Kestrel
Content-Length: 0
WWW-Authenticate: Negotiate
Strict-Transport-Security: max-age=2592000
Proxy-Support: Session-Based-Authentication
------------------------------------------------------------------
GET https://us005:8091/ HTTP/1.1
Host: us005:8091
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Negotiate YIIUvQYGKwYBBQUCoIIUsTCCFK2gMDAuBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHgYKKwYBBAGCNwICCqKCFHcEghRzYIIUbwYJKoZIhvcSAQICAQBughReMIIUWqADAgEFoQMCAQ6iBwMFACAAAACjghJtYYISaTCCEmWgAwIBBaETGxFHQkwuQUQuSEVEQU5JLk5FVKIwMC6gAwIBAqEnMCUbBEhUVFAbHXVzd2xscHJpMDA1LmdibC5hZC5oZWRhbmkubmV0o4ISFTCCEhGgAwIBEqEDAgE/ooISAwSCEf8SPyfVTTIyEghWZnkJmimTadjkmX2k7PMXqFzw5igbGi0rxsNo9kBfA7dXq1NrSCgXDM5moPXdON//Tr6FjxeSkgPd7CTgZCsg8/65iMbkcK9QcbP7taholjBVJDNF810PrsS7jLsIPodS7frM4KTGSXTfrItoCXt0HwVhhQnF81ajnV/MIKoUokDJtJVRlGKurK078JM2Wvik6JAkgj35Xstr4rEbgs6a4SnYGBKiIpFErnNOmYZyL8LyZ4RS09UwJ9jboMIHmKOTG/8ZwuKHoA8G1I/lFc44xoKnz9OqboYr6x9UsnooIZAgYxZ43oO1P+B6xwwu7qgOFPSSW+GSJdErlQYKJP5L9CI1d+jJhgnw9bxqVBT30B055DQYyM0UXWTwHx8TeyIf2rhVsqtvxpiEVXx1F6zB9IpU9770fu4orK6IDowTGOxGuYexl39kdfpweJarJjSQ7cmXOrs7FnZHUVgR6N+OpEoRExAoNEfgqjDE5+HlhbXQ7FQSkOHXN82bdEzSM9ER4EvHCK25vycKyNmyTpwwdC3qSnF6HKYKRAlUt+jCtM8WeKfrrjoripVMFxaBrb6wHGNemGXC7VbJxDBIv/3UVQDWlBSjygkjjhXSWVLCzJRoyGwTII+zIj86O6URFzXpNk5QD2estXKpszMGLRqcl/5kDycjbhw+s/izB3T3hreQPEALhTK+qBy78R6AHNaR/NP7ErVALUoT28Dx1829DLooVaNZ6f9dhbpj9oMe9msLHv/VQr2ychKZdB6meL0j+I+zrVS1krus42BxOcHEbfj3zb22nf2jR5fL94GPaWH/E5WoYEC/NAAIqpI/AAxwtLBTL8dJN9PvwIhMRIUhncnt+6bTpcEK4WGRwwFDQ92pKJMfdwpQU+SULlYIT7Jl+Ew+UlelxAGEM3YcYVanSZOYmtKUFSrj9B8ro+So9A/0Nal0y5+ULhKBOgH/TA8Luc2Dkq5blHEnG5uH1zHwjgcAcBd0WKzY75aX2lXCyM74wobJh2Gkp7Gij1cyzOeNTMUxmmvzFztNhKq8ENhWNY88AExAopaxujA/1smq2QjgreDNRhOi4aDAMbCdCY1UJbfgVWq8qc228cn74WndySUf+Xu0anJW+2DB8i9FxEje0hYEU2MGzFWms1nanHh2KTh/veEEts8gpcnO8fIqTg9Vdf+n9VNY/GedLGxtwFERozvVzKRrTS1alOBs613xzkJtiCtV7VbiPSDv8PjwOVXlfBY3Xqcf/r06KlIc7JrAMNvE5lA2MpqKvJlrCpLNCZFSx/areR9NniZdCWe9hiwnM72oyZdrM7itB56dkiNAIEMwUWpQLMznDMeYG4b37ysCMcm9YlRP++uqYYsfGjVQTwVeoiH2CfdFdyiFTs6zvRFjDC81Qa3jf1V7xbCKSY0OxZcrC04GpOvEuVb/csixFHvXTfqtVBs/p78iLRGfmNSe1maMHiY9Y5vDXBmybs9IfATT5tZoImy6VKMNb/G1eigcbPJIBujUgxJ8urxIfALoFrqjIRJPwzX0WOAs9rL4GgUtaods1J1G+VmjJGBCNCqKyKPcNTtWkDpL8ll9CzQ7cziAd3ezh/V7vtDEzjbPO8gz82Ee6j+GoVP/Jr2KvAOCjz6igZYExRQDITd2D2bj09VSC7PUNuBfdPuBWjOOWMAuKGpISBQAV/V2CpriDui1wDKQLYIcdfJF2fMzaAbWWy52DtEDM7Tu+pXdZKpLSXHYjX1GOBE6W0SMmF1ryf27wCGe3PciPg3GkvBV9XitmJp/EQieAtKr0SXNbe/JDTFwRra4fymwoPEiW3iCyUv7dNMX207YLzyxbGehOjTrcOwZQY7ssCGOqea0OcmMHJ0KFBp76N4qtJhNP1okUtxxv7kNUZWiYTCXt8kZVTkbHcPreVVEzJWD8ysH7QLNLrimkn1WE0On1Aju2WrlmaVq7K5zHEq3uDPL3nRIo/6jGEWmy2gSmK3f+n+GYhZ9xlmV/mmvHt8b3dnmkQqA3quj4pi19joBGaYh4HNCerhiRomaOYFGpEYpR2RIysmttMbhRsBiM46MQA4TdJDFQ9/iQPkUDdVr807sZfoIy82ulgjM7zjMm+l+JBNC48QnDBJnRG2G9gDg0PHsA7hpmKvSjLumNOjcktu9BaY+dyaApsUnfCyL/bwC7yZ0Z0YK2X/f74etGd0QGb1zQJrOINAItLVvWTkPoV3Bjo0T5BA2EluZIGMsyXW0i1Rco6KxJuikJzBQQ4Fqk0Q0vxY/zMcuZX8ojrdiZj0pU8YSrE0ucnBTuW+pOUyrtiZ9E2Oc205qjoGPvS9bJkuuYwO0FtpQw1StLt5L8/TDsddOymDPesVn4oD0SCirfVomElCjG9nmMOQIAjBh/H9zaKObz2CzkgXs4GaB2NkumkFge/kLml7ILsak5fofgjnkBniiCf+9fzoudmgQcq0eIX9DGeAbvku1UTrr1avy6qbeJtRPTO1vKQ/JcKFjKxTSNArgxoh/Lq5u/Vj3G314Kr9327zP2L87BYpTMp1Y9EHRJ+Ov/Qr2qw3QuVcreU27OcidkN8F1vQT16gPG15Eqa+89P67OrrxJLaExOpxeKRmyYtfnvW0IN9pdLjgpA/4hNDkxAE/SrXa/Res8wkjtqeBP3WCVALG4qfGQSRAxn2MMBTni/kWSbBq8Ve2luSdJDYyCvMzmdXzocwSs3rGgn+jVxkoqr31gHZsiRB6GOM8wReT2gTRwGsqmivTvh/dxguz/BCTUp64uDgUBH2Det2PqECRs8EyRz9VTNt6vjBdcLj5cltD/eX/8TpY0WkIId5Hfucs7vKxrsG94xGzo+/3r9OWedEASicg61JPgO0NHYL8kuH2IuTFua2RUG0mOMkL8cCbbE7SY5qrlk8OR4xUW1AbPUwMy8pMx7r2KMye+0dpwZcIhuz9IzpknROQaSEwaUaIiLqs+GPCdX0KtCKlZ3DCmjdGVPMFS3cGSvhh3djqhIVBvnd8M8+bWH+20TRVfrOpVG2eHEwLlYAbTbZE25d3HdLPbazLXNv9osR/Ac7bvu7iuu3L0Q4mnOfb7Pw8Yq7K/85hqXZbu8flvc0ewGXylSeio4ra/UG+f7uEeuAC4qOR49VGnHajhkkUAFwOs13qrGrwmT2dv58tUm3E7XnI9UerZGd0KeDQ5M1VIggttn3GdOo2f51XI8DxEFUSNvi3Zm63TFRtjQJgGqWd020ado19zKNVMtSLN8ZmpgoN0JxGwogeK560xFMENkWI94gC2ODU5W9ktIy9ZHqqSAtrRN/IwLtxwcv3aSjjRxlA2igAZVEO1jwXb1okH7WI1GhYB8Ln103l3U1Bxmeg8BwjpjH+roPMUCbkBsKP1L1ITKrgq0hHddnHVsIeITuBS81ycq/xzLu00ya+HK3Pt22z6hP2k2ismjz0hw5Vm/20lZMmSMl4/jxjLi5IN4KxYEc/yve6tmB/bMne5G57sXQuGu8muFE8AnWwuis6alnxiCKt0mbSJ27rMFt3SqiLjNQiSayIIVtuZMMCCKlPSqvurIpqWTA4ZNougULazbt7qviOOVUv2WgcnlufbZVbSGN8ukZYWSwHqvyumsUwhoxpgvGqwheb+GVuDXfOqdQoqhmFYyyJr8WI33SyFz6/jjSydYiBeWKD5Fz2frCsHzBkqib9afcYpzhvv7/8x550udAuFvL+Z1/kyLlzf0ZpnN9xfJs1izEYwKLZEAbve4rEiQLS1fupMufsrvPIWzj4V2Zy+/GpX0kVifY9f0I8HWj8cTB1f3VB51qNiFXAqPKpAHixhnh3WU6WQl9Y56+tEmTuY9NPSUNmkDL3isBZNjWKltNZ12aYvYXHbgysP1yz+AtSWYm/+ytFIIsYRq6NtQ4jJiRKpq6hLz7uI/eOZ4jVINo1X2T3gN7y7xXNemGCNIOt3qdSw9XQnpobw8R0PIFHltbiZvJHmpL6e6yQDeVyxP/gVZNexC7hWu3yKi0Cf5XnnuBvYrzHwgFTdBTyO2xSXn49Tllmc/Jn76E6nqVcOXN056jdareX9OCFNFhR4tnjcEL0lzSEvHcVkj9BGfNcBYQyj70nXk35z4697CMn9lCR0tDb+hHhkLTBACENQJB5eTGIdlm1VM65GYKmvE+Nwh0I4rtjVucdxi+23v+6sxkOq9qmQG7zekVKsR//MayuN8eaCe6vYYAxACrLwTmq3hMYlnFDF8Lct0aEm7jDUaFQCVDxy0sgqimP+pBfbj2gpm9r1dZ45o8aWSulRJ0hGWTduHwWGpb6BWjPLeaBlyR2ZHJD5vyxTjtZirl9+YwEYXdKh4zMm3B+AMUbO68rX63fUogEEz/p7dolcEkHQoC5zdjb+bOy9vqhm5JJxUnWExNhK/V9eBJPH2XV2pAJUyj0x4T7gefMu0nXQM56fY3RFf62YYM1thsyhe9wV3ei3JDwZi3ZJ2UM3iW0gLjHD+/HJXzaLPZptvkNwbAKxO0xLq0ZhdAR8pU9chCB/o+jiKYUpdrF0ZxoWIJo7r1LLkP77heFsOJpf/rkq145GHD7KgglJtnxXh7XI3m5mpnWlZmYRD9TqyIO9vOZhgN8rJNKppSqDzmaQsYihM4xcKjBj2DDxSYXpxseC1ACmU0N072h7fP4JgmegoavlL3JBaJrImltwpuZMqy6seYGL8woQpvZcB/+UwHe2sJPcik/f7fSYWI89MjE239HhGm6CAT2wa/K5AzDBomOqC31eU8FAzO0r3EgdNczOxo/QuG5EM5515s3MkoFG1/Popj0gsB4576MZPcXOy9SJ4GFHfr/TpFeOfU6rUjF+oKT5t1FrMQUTqsmm/D0Eu6MXyt4mRqJF+RxieKw1TQqfdTjo78xCkvmqEiwYbJ5z5d2ddlgN8f8wqS6YBuG5itcRov97Ux6sPmLJj14LekuBp/daACorN6w72FQkPvP4Fr09XGXVUe/ASGWtAQQrz/wqfU9uqeH5isVS0R9dTkdXDUOnjJ5CgKh6yArgVs1QKFsiIChMgKW7zqldg2c1Nk5Yznc7e8g3sjeYnZVHLs+J3lu3Rr+sB4DuRsXQ9IYe1h4m0ka8QfaraVoJa1PDUzTbXg7kuxkTNsmO1+oYP4Vv3f/NP3TnJ1+iHWozrlzvLkRxaMgKhM+I2ELt7QIKSyOYjBAtCL2i37a6KpQoToqpbxoHfDYX1z7RYKkzzufDwn6j3ewsJ1Mtuy6/ODmtEtt0L8AiDYGnzh9JfqetNbXOnGkzC5WnbYlJwARILJGPjBY5wKMq1TH2f4bPrMwUV6QyDxm2I9I5dQexzuJINMIRkDxtZ3LEZlZWzQzTCsyz8if/6XagfuTb7F+sJ3e6PeyNfF9vLXg1feLu/Xlls8O4i25lbloUDy1PzIqzNFdTWVCyAG+I4hzWcSHEtfodIsEFl0O3vPQCjSOI+vFAdkDdmyw8PNwD3tHrV8FslSO5pm8HEPoQAe7/26/soy/Xmm9e1sX0XKPQknLpLAI/yoM6a1ZxcayDClzc8x/yjJvw/IV6x7IHLimdKbn8IL/fY+/Ie8vjixqpsiGFJMYH1TNr1T4nfdN5XgoI2w3PV3P5bp1orCXMOtF+T2d3l3dbV9YkXoat0Ct6FbL6Sk83IyfTDpFJzd560OCo0pRF67Po0DhPNbJ2SJHWqQn4ty4geCvHDMYoemNdpwVGwQAWrmJ70TgiGR5bWjx/9EkLiUbsYdMf42fzZz4yvZ7mdeaUKKxbCqJQayLeqnH8HQyCiy8cK+IuB67G2KokT8tUKFnne6GUCWncaK2XKErV63pEZH/FidlQBulVLw8p/T00MFiPlfa5Hu9hZhgjjxjRWo8iFSQrs7qK+m3vTdYntN89z4LB8zY1yam0xVLH6rNUYhgfZorHlF8yuS0ORHHZTQ3qsy+GkXBXzoK/gLwMQyT8c9J+2RhglnJ+XDyArMsvSCpVzNiLhBfUTgbK6iwYJVpEgA+LfX5x2sw3zs8RvBY/Ul8htlY1hnilvmWSRfJd+NHvXQVTng4z9lQV2odUKDIFkiL++wg4zJq+R0XgKfqm6SUmhZu5OJ+jYwsOgOOL1mhD0qP1/Bfy/PZV52NXJ1w4qc+O+afY7HvV43V02Y82/IqZ6SCAdIwggHOoAMCARKiggHFBIIBwSS4hy3oR17Czx0xy9V2qFSCcgYkEm4KET9Jr9JzG+j/gmsNM7ZKBPu/hZEXeDf/Mmw7P36iWwXvm+UcRMfvnMg10Mxo1tAVgUc0JXiBCFyOfTIfkenUmFfN25TP72NgibBMnwSzI5BubaI0VMFwUwoG4UPwt3K98gLLQ6sLZ3G6mbKn9NHOjNktuK+QkK/JzK6TLopduWbhUH/oQFvNPIVyoO3zau0LNKj+RG0DXTKeMlSD7RsK8W/V1nzVL83AjxUbunzbo9PvYGBvgHlnZys+ssc7Cuv8y1Q/IEie8XLeKLob0GyyU2DH+ObzGEwg3H+cs/vto7RJYPKNmIz03BkTm4t737h2l+XN8U3zrCeVERojst8edwbLrbOR3lFC7g43gdF1TnIDGwA4xjM4G7GcTsHfpR9HqHchkmccwWQ9/quoJuzO6zYuLuWG9cIh2AgYM2w1ghEYfz9bdIc7wY9vNNFp0P9glOamEQplg5DBLd24udA111d6o/V+1ht9v4vaGmArg+gHqoinHxlo4+eugjMYHlswdBqCU+2Ssk1hRM+yyQXzN9MMP2a9LPqd6pSwp4VjbfN38r5dkR+nzgUN
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
HTTP/1.1 401 Unauthorized
Date: Fri, 06 Dec 2019 23:11:38 GMT
Server: Kestrel
Content-Length: 0
WWW-Authenticate: Negotiate oYIITTCCCEmgAwoBAaELBgkqhkiC9xIBAgKigggzBIIIL2CCCCsGCSqGSIb3EgECAgMAfoIIGjCCCBagAwIBBaEDAgEepBEYDzIwMTkxMjA2MjMxMTM5WqUEAgIFSaYDAgFFqRMbEUdCTC5BRC5IRURBTkkuTkVUqhQwEqADAgEBoQswCRsHeXdhbmc3MKyCB78Egge7MIIHt6ADAgEFoQMCARGiggepYYIHpTCCB6GgAwIBBaETGxFHQkwuQUQuSEVEQU5JLk5FVKImMCSgAwIBAqEdMBsbBmtyYnRndBsRR0JMLkFELkhFREFOSS5ORVSjggdbMIIHV6ADAgESoQMCAQKiggdJBIIHRdQ4UpEul5It2IfV0VxSLUsX4uc+V3gbJ33ccdb/ZODIHHzJAG0POTyi9BKWPNX7y6FVJYev+eyoMkD1elsDj9ZpExk7PKst30cM0wyI0ywx7H4ZTRaD1wfHX3c+TV3Kr6jyljkzENPLbyaGIgayi9L1pLcj+GRxfKLRauCYsg1obt9iO/MVGF81G1xBiJAdJraiS96R+QMTeCN8T8sSEAMioFs1dUTquG4heFT/P6rtHoikPGWIEQHLEBOIoWMWW1dWz64YF9wJsMm6nQcTWTUbxOuxds97uU58/lqLqgbSE15B2YPSM0Zj8QA+nf9idS84MifA0F/6lvHbBC6FRaizG38e1Qf9/0YvP8wJ4QDGHCK+ZpxYbwJXTOBYvnRMg2ohl+wtirDDgjC5oD5ac+MXwI/HtKILf8wzZ0rTvxAKhN9kErpyQi5w/Ft/kJdBATOOMbFmrzOjYM3tUTzMfLUCIcP12PGUiXWsp8KiTuUyadJsYiPqthq2mhoEqz9qazQ2ZopZsPxMY2EKyhTSeIe+ScXW89cJ5ArX8qKRsG7QnpTL6/reGytFwSOnAnHlkapdO3oTE8TvfxdPXk4kEiLQ9xO2Q3LezTyWKM4x5xg3+XiZMlis3vBIX67qtibSGY+PwuJuuXfzW3Ksefiv7zBu2x/r4vIcJN8rM3s4NlHEG2sgnwjboko3+CoSKcA20mnJUKVnEvjD4HFcJyUsIcUHCELTlMw+IHrGzWllT/rpPDCHdwfWWPUuHP2zzEndgGwzwsA64PG+w8NgfqKvJXDP3gOIqiTbRgxmdVgQGiJ1V5e9rLWHOWAatqnEoF/24nTb3s2cqR3+HYmiMjNZPA51oDd+cTzixA5EvbxhvXjIsAs3GEk4D6epxZHxb1fSUxYetxpOo2dOwZIeGHpZFWDYPqvKx4ksmm2ctZTL4iss896+dGmlOYlO+6kONlfBTHGyPMeVGS8L9JJ3rvDFFvKshYIV3Bc5RRlxSmxhw9zACiaRlFFVAYVGAJJOnYFMG+YLdgDG/GQy/mvUn/PY7Y1YyjpgLY5WLlv5fg2WpMNwDurpyFRvMH2ZzR7gveoO/m20fo/jUcmHG309fAT+EluOKZfEcoMz11PyLNjg8Uz5Z/NORN9XuUWWnBI4P12XRWVoc+N2BomhW/w24uEbRpV+FEMPzOZvoZTzlASfvbuhy04On1qPDb32r2m5fxh8ILScndUKEJ8NM9U+mf0ZTMzvsuHuZWT/FTq4WhFDKDPvTcCtcKxaddvlWvVAerMtKQqP0kvsUi/v8agu4lpNPgCbfyJqKJym+xyryWMxPzlOrrMY9x34gOelkJhxPsuk8bg8TXO6i9i1xC7Q4VSoQYrxs+DZjfoQAKutzteNUpuVt6q5P/LaM//8ZWLrIRFPe2UUlyvh4MhsA2CBoOUsVFMGdYsP162tuLMTWf0jy9NZNGbeYCA4pqWvZMnPCGYob4ftTMQqWNHHPzzKw8kV8o/fpKNKRIBn5btPizzRoN+brrA00wj3zRvlPVW3CJcqaB1GoTgMxp7JpMyDIiQ+NxPhP4NXLAtNRw1gsfjbwYZkwtRbbOr9OoCAmYGWXvxRPO9pfniK69lv6FprSohEDrzqY++ClIxhGbAen4jfvx7au2UBivTwH5SHdfrWHVS9rWh3hiG+Idn56ARxZWxjrTJXkXTsSeZM887M91ZDiWySho4t37Au3qrTa7MzaxquzYkYWVN0k5KWi0NXnJ411gs6WUin1exMSLdwamIry9AZ2bQh0eu4mVzVJ4q7wHq/PgTsIQzhHlhnkf6xkZXie8y62anM6z8dzQoTXbQPhvSg9QfEsOchmBjlGJmofPt9yZr/HQ9eGk2bncNKkh8sBNyShEcFt0jQbANkD9X1izM3zN3gBqJox8FLi1egCvyH98lU/Stx8dHFmT4/nnGhpZuW+Qig+aSU3jCgcKIJshWTqSGjSbQc/AC4TYiBqn8z+X6fLDzQ5y/Q4oyilC0JKfGLqopXQJJOlE7OEA21KuzqzmJuma1E9QQ4PABndykDA7PcGgTZrbCKrOqxPeE6FH6mv54LfPlXrmrzb7BtIiLhuPaaCQME/fRwPwoWEwcwv9aiihSJ8Ot7kd2hxCTtVMi/ce8NjH4uGaRrLh+TQr+OVPWXPbie/Y8mQnK290BZ23I8S/VJhUcog8v99A9GtRS9IpXrOan/Mt9Gyqax1rJiQSmRJJkulXZ5gD/8lneMkJdz0q9/PWb6jtF10Fx00bOv72NDo9S5Q6TGZXBDca2bZFi5TeGQhL/2kg1LkHuMgCb2B5dDCxFJV+a77UFqFEtjOg5jobDDHaDA2Rfbgxh9q74Es+Ix7CG0ByZhdkvtAG5x1ri741hQMgtnD55IAM9FYQuen39ET3epXqYMy/nAZat090C/AT/swsE/B6tFv22iS4NQ0ckarQJ206ylZFcEwUOhhllXixvIdH5UG73IsCrFMUU=
Strict-Transport-Security: max-age=2592000
Proxy-Support: Session-Based-Authentication
------------------------------------------------------------------
GET https://us005:8091/ HTTP/1.1
Host: us005:8091
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
HTTP/1.1 401 Unauthorized
Date: Fri, 06 Dec 2019 23:11:38 GMT
Server: Kestrel
Content-Length: 0
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
WWW-Authenticate: Negotiate
Strict-Transport-Security: max-age=2592000
Proxy-Support: Session-Based-Authentication
This is not supported by design unfortunately.
See post here:
https://github.com/dotnet/aspnetcore/issues/13124
I had a similar issue. Negotiate seems to default to NTLM when running on localhost, but Kerberos over a DNS name. Kerberos requires a SPN. I fixed it by adding the correct SPN using:
setspn -D HTTP/hostname serviceAccountName
The exact SPN will vary depending upon your setup.

Blob type of the blob reference doesn't match blob type of the blob

I have code to check for the existence of a blob and its size that works fine in my development machine but when I publish to the production server it gives me the exception:
Blob type of the blob reference doesn't match blob type of the blob
Here is the code:
CloudStorageAccount v_StorageAccount = CloudStorageAccount.Parse(v_ConnectionString);
CloudBlobClient v_BlobClient = v_StorageAccount.CreateCloudBlobClient();
CloudBlobContainer v_Container = v_BlobClient.GetContainerReference(v_Containerstring);
CloudBlockBlob v_Blob = v_Container.GetBlockBlobReference(p_Name);
v_Blob.FetchAttributes();
I have tested around with fiddler and found out that when running in the server, the response header does not have any of the x-ms- tags, although the request headers are identical in both machines.
Request Header:
HEAD http://XXX/90f5a5f1-9f6f-46bc-bbf6-21d77b8955ed HTTP/1.1
User-Agent: Azure-Storage/8.2.0 (.NET CLR 4.0.30319.36399; Win32NT 6.2.9200.0)
x-ms-version: 2017-04-17
x-ms-client-request-id: XXX
x-ms-date: Thu, 11 Jan 2018 13:44:14 GMT
Authorization: SharedKey XXX:XXX
Host: XXX
Response in development machine:
HTTP/1.1 200 OK
Content-Length: 504014
Content-Type: application/octet-stream
Content-MD5: /i5aFVWYlPqZjHvU+gxcbw==
Last-Modified: Wed, 13 Dec 2017 20:22:02 GMT
Accept-Ranges: bytes
ETag: "0x8D542672BB913FD"
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 04155a59-001e-000d-58e5-8ab906000000
x-ms-version: 2017-04-17
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
x-ms-server-encrypted: false
Date: Thu, 11 Jan 2018 14:04:56 GMT
Response in production server:
HTTP/1.1 200 OK
Content-Length: 504014
Content-Type: application/octet-stream
Content-MD5: /i5aFVWYlPqZjHvU+gxcbw==
Last-Modified: Wed, 13 Dec 2017 20:22:02 GMT
Accept-Ranges: bytes
ETag: "0x8D542672BB913FD"
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Date: Thu, 11 Jan 2018 13:44:14 GMT
I don't know what I'm missing here, but, most important, how to make this code work on the production server?
Edited
To clarify some aspects:
Development machine: my notebook with windows 10 + visual studio 2017
Production server: virtual machine with windows server 2012 standard + sql server standard (no visual studio) + .net framework 4.5 enabled (project is 4.5)
The server is on-premises, local, on the same network as my machine
Using nuget package WindowsAzure.Storage 8.7
All calls are to the same storage account and same Blob object, no emulator involved
The exception occurs at call to v_Blob.FetchAttributes().
The same exception occurs also if I call v_Blob.Exists().
I'm sure the blob is a Block Blob, the two calls (one from my development machine and other from production server) are to the same account and same Blob object, with the exact same parameters (connection string, container string and blob name). In my development machine all works fine.
Stack trace from exception:
at Microsoft.WindowsAzure.Storage.Core.Executor.Executor.ExecuteSync[T](RESTCommand`1 cmd, IRetryPolicy policy, OperationContext operationContext) in c:\Program Files (x86)\Jenkins\workspace\release_dotnet_master\Lib\ClassLibraryCommon\Core\Executor\Executor.cs:line 604
at Microsoft.WindowsAzure.Storage.Blob.CloudBlob.FetchAttributes(AccessCondition accessCondition, BlobRequestOptions options, OperationContext operationContext) in c:\Program Files (x86)\Jenkins\workspace\release_dotnet_master\Lib\ClassLibraryCommon\Blob\CloudBlob.cs:line 1619
at AzureDataMigration.Class.ConfereDocsMigrados.createBlockBlob(String p_Name, Int64 p_IdCompany, Int64 p_IdDocumentConfigType, StorGlobalHistoricalDocsEntities p_Model)
at AzureDataMigration.Class.ConfereDocsMigrados.Confere()

Why does IIS return empty responses?

I just published an AngularJS/WebAPI project using File system publish to a local IIS Application and I can open the website in my browser. Unfortunately, no resources such as images, css etc. can be loaded. When I try to reach any file located in a sub folder I still receive a HTTP 200 from the server, but the body is empty. I can remember I´ve had this issue a few years back but I can´t remember why this happens.
Request
GET http://localhost/Content/images/common/logotype.png HTTP/1.1
Host: XX.XXX.XX.XXX
Connection: keep-alive
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.130 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,sv;q=0.6
Response
HTTP/1.1 200 OK
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 25 Aug 2015 07:56:12 GMT
Content-Length: 0
As you can see, there is no body at all but the image exists in the folder and I can open it from the filesystem. I would guess that if this was a privilege issue the server would return 403 or a similar error, not 200 OK?
Facepalm
Turns out that Lex Li:s comment put me in the right direction. I had completely missed to include the "Static Content" feature was missing in IIS "Common HTTP Features".

Categories

Resources