I'm having some difficulties with my custom URL-rewriting setup. I'm not using any 3rd party tool to manage this, just using the global.asax by looking at every request and processing it.
The way I am using it is like:
www.mydomain.com/site/google.com
This page contains information about the site "google.com". I'm using the actual domain within the URL. This is all works fine.
I have simplified the code that I'm using just to show you an example of how it works:
Dim myContext As HttpContext = HttpContext.Current
Dim URL As String = myContext.Request.ServerVariables("URL")
If URL.ToLower.Contains("/site/") Then
URL = URL.Trim("/")
Dim strURL As String = URL.ToLower.Split("/")(1)
Redirect301("/site.aspx?url=" & strURL)
Exit Sub
End If
The issue I'm having is for certain domain extensions, the page will just load up custom 404 Not Found and I have no idea what the cause is.
Example of pages that don't load:
/site/google.ad
/site/google.cd
I'm guessing that the system thinks that .cd and .ad files are actual physical files and when it doesn't find them, it shows the custom 404 error. It doesn't actually looks like the request is getting through to the global.asax. When working in local environment, they actually load fine but only on the live server it has this issue and this is why it has been a nightmare trying to figure it out.
Another issue I found was loading the following URL:
/site/prn.com
This shows a 404 error again but this time not the custom one I created but the actual hard looking .net 404 error page. This also works fine in local environment.
There must be some IIS setting or code change I could do to try to get this resolved.
Thank you for your time :)
Aki
Check this link . Error message when you try to browse a Web page that is hosted on IIS 7.0: "HTTP Error 404.7 – FILE_EXTENSION_DENIED
This is the reason .ad .cd extensions are blocked.
Related
I have a very basic Single Sign On app built on VS 2015 using MVC and Web Forms. It is supposed to be a simple proof of concept and is based on some code found here and here which are essentially the same things. I've finally gotten it all converted to use .Net 4.5 but when running it on my local server it throws a 404 with no debug information.
The 404 itself wasn't initially a surprise as I was supposed to be able to change the url to one of the secure pages (for instance /WebSecApp1) which would redirect me back to the signon page but no matter what I put as the url I get the 404.
I've also tried changing the urls in the code so that they contain the port numbers for the localhost but that doesn't work either.
It was suggested to me that the RouteConfig.cs could be the culprit but I don't see how that could be since I'm calling a single page with no parameters.
I know this is kind of lite on details but does anyone have any suggestions?
Yes this looks like a routing issue as you also thought it to be. Routing is essential for web api too .Pls see https://www.asp.net/web-api/overview/web-api-routing-and-actions/routing-and-action-selection. Does your api request look like this
GET http://localhost:34701/api/products/1?version=1.5&details=1
You do have to mention the port in the request.
While the routing that Arathy mentioned above was partially to blame, the real problem turned out to be relatively simple. In my case simply selecting Properties->Web for each of offending pages and setting "Override application root URL" to checked fixed the whole problem.
I'm facing a really weird scenario here with my local IIS. I have hosted multiple sites in the default website in my local IIS. One of them has the login page. From the login page, I'm redirecting the user to another page that is located in another site (which is also hosted in the same IIS inside default website virtual directory).
Now in the submit button click event of my login page, after authenticating the user, I have written a "Response.Redirect(redirect_url)". the redirect_url is being formed dynamically and given as a parameter to the Redirect method.
While debugging, the final redirect_url that is being sent as parameter to Redirect method is:
http://localhost/CP/web/console/console.aspx?sk=3e3cc1a8-73c4-4945-b3f8-08af22ea4324.50008
But after I try to go to the next step, I'm suddenly getting a HTTP 404 error saying that the resource doesn't exist and I have observed that Requested URL shown in the error page is different that what was dynamically sent to the Response.Redirect(...) method.
In the error page, the requested url shows the value as
http://localhost/CP/web/console/localhost/CPLogin?err=5
whereas my actual requested url formed in the code is:
http://localhost/CP/web/console/console.aspx?sk=3e3cc1a8-73c4-4945-b3f8-08af22ea4324.50008
I'm just unable to understand why the requested url is getting changed automatically.! Also, I observe that "localhost" is being appended to the requested URL again which is not what is supposed to happen.
Please visit THIS link[^] to understand this question more clearly. I have added screen shot of the error page.
http://amoghnatu.wordpress.com/2013/09/16/question-please-help-iis-throwing-http-404-not-found-but-requested-resource-actually-exists-requested-url-also-changing-automatically/[^]
Thanks a lot.!
Indeed, the problem was with the way I had hosted the sites in my application. I just removed all the sites related to my application from IIS and then hosted all of them again much more carefully. This resolved the "wrong redirect url" problem.
Also, I had some tables with missing required data because of which I was getting the error code.
So after I got all the tables filled with the required data and also after properly hosting the application in IIS, my problem got resolved.
In IIS, go to relevant folder, right click and "browse". Check out what is the URL. In most cases, this is due to the URL should have port number appended. For instance it will be something like :
http://localhost:<port number>/CP/web/console/console.aspx?sk=3e3cc1a8-73c4-4945-b3f8-08af22ea4324.50008
instead of
http://localhost/CP/web/console/console.aspx?sk=3e3cc1a8-73c4-4945-b3f8-08af22ea4324.50008
As I have been requested by my instructor to use AntiXss library in the development of my senior project, I am facing a lot of difficulties of using this library because of the lack of resources on the web. A part of my project I have an upload file function where the user will be able to upload files, and after uploading his files, he will be redirected to the same page to see some other information. Everything works fine, but when I added AntiXss library and use it with the following line only, I got this error
(HTTP 400 Error - Bad Request)
and I don't know why. Could anyone tell me why I am getting this error? And how to fix it?
C# Code:
Response.Redirect(Encoder.HtmlFormUrlEncode(Request.Url.PathAndQuery));
Break up your code and look at each step:
Take the incoming request's URL, and extract out the path and query.
Run that through a form-based encoder
Redirect to that string
What do you think a form-based encoder would do in order to prevent XSS attacks?
Try this:
Response.Write(Encoder.HtmlFormUrlEncode("http://www.stackoverflow.com"));
What is written out? Try putting that in a web browser, and you'll likely get a 400 (or a 502) error.
Request.Url.PathAndQuery
The above syntax returns `/Cambia3/Temp/Test.aspx?query=arg`
For further url references check this
HtmlFormUrlEncode gets string and encode as parameters. for further info on that see here
I am working on a site which is programmed in C# .net. It uses a CMS called ADX Studio (a decision which predates my time there) which provides a shonky form of URL Rewriting (as far as I can tell it works by assigning an aspx page as the default 404 handler in IIS).
I have an web form which lives at a rewritten URL. I edited it so that the html form's action points back to the rewritten URL:
var u = new Uri(Request.RawUrl.Split(new char[1] { ';' }).Last());
userAdminForm.Action = u.PathAndQuery;
(kind of ugly but works based on what Request.RawUrl is on these rewritten URLs).
The "pretty" URL is something like this:
http://www.site.com/admin/user/edit/
On my development box (Windows XP/ IIS 5) when I initially tried POSTing back to URLs like this I got a HTTP 405 error. I worked around this by adding a script mapping so Aspnet_isapi.dll handles all (*) requests. And everything works fine on my development machine.
I just pushed my changes to the live server (Windows Server 2003 R2 and IIS 6) and the post fails silently. The page refreshes but all of my logic (from within an IsPostBack path in the code) doesn't get hit. No errors are displayed, it just doesn't work.
If I remove my code setting the .Action of the form then the postback works but it is posting to the ugly URL corresponding to the physical location of the aspx file rather than my page.
Am I missing a simple way to make this work? I don't want to be switching URL rewriting method or anything as this is a large legacy site and is unfortunately pretty dependent on ADX Studio so I don't want to do anything that will break that.
[edited because somehow the code above lost its code highlighting]
The issue is that the page's <form> tag is referencing the "ugly" url as the action. You can resolve that by completely removing the action tag from the form. Browsers will, by default, postback to the same page, ie. the "pretty" url.
This article explains how to accomplish an "actionless" form (~ two thirds of the way down) http://msdn.microsoft.com/en-us/library/ms972974.aspx
It seems like the problem is the same as it was on IIS 5. I can get it to work by doing the following in the IIS Manager:
Right click on the relevant website and select "Properties"
Choose the "Home Directory" tab
Click "Configuration" down in the "Application settings"
Click "Insert" next to the "Wildcard application maps"
Browse to the location of aspnet_isapi.dll (in my case: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll )
Untick "Check that file exists"
Click "OK" back through the Russian doll of dialogs.
This is basically the same as the approach that I linked to in the question for IIS5. However, it's not optimal because IIS is running every request through asp (even static files). Which seems like it can only slow things down. I'd like to be able to specify that asp only needs invoking for HTTP POST requests at least.
The weird thing is that IIS5 gave a HTTP 405 error when POSTing to an extension without a registered ISAPI extension but IIS6 just fails silently. And the page is being run through IIS (I can debug with a breakpoint in the Page_Load function) but IsPostBack (and IsCrossPagePostBack) don't get correctly set. Could it be related to the view state? Is there any alternative to my solution described above?
I've come to what I think is an optimal solution for this problem. It turns out that ADXStudio CMS does use the default 404 rule to do some form of URL rewriting. This has a problem with http POST:
when IIS initially executes a custom
URL on a 404 error, it changes POST to
GET, even if the client does a POST
request.
(thanks to elite brains' blog post about setting up IIS6 and ASP.NET MVC).
Rather than creating my own HttpModule I decided instead to use Ionics Isapi Rewrite Filter to rewrite my URLs. I then set the 404 error handler in IIS to the default. And I created this IIRF.ini file to redirect all requests to the same format as the 404 handler produced:
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ /Default.aspx?404;http://%{HTTP_HOST}$1 [U,L]
And everything seems to work great. The advantage over my previous answer is that the rewrite code is low level and runs fast and the -f and -d switches mean that if a file actually exists it isn't re-written and so static files don't have the overhead of running through .net.
I'm attempting to create an MVC application as a sub-application to my standard Asp.Net Web application. Both of these projects are inside the same solution. While the parent application appears to be going fine, I'm having trouble getting the sub-application to work. After some massaging of my two web.configs, I was able to get the Asp.Net runtime to accept the configurations, but I have been unable to browse to any of the pages/controllers in the MVC application, including the root of the sub-application ("http://RootSite/SubApplicationName/"). I continually get 404's.
Actually, I do get a response when going to the url "http://RootSite/SubApplicationName/Home/Index/". It redirects me to index.aspx in that folder, and throws this error:
The view 'Index' or its master could not be found. The following locations
were searched:
~/Views/Home/Index.aspx
~/Views/Home/Index.ascx
~/Views/Shared/Index.aspx
~/Views/Shared/Index.ascx
The sub-application in IIS (7) is set up fairly straight forward: it's set to run in the same application pool as the parent app, which runs Asp.Net 2.0 in integration mode.
My suspicion is that I have something in the web.configs that is throwing it off. Are there things regarding, say, HTTPModules or URL authorization modules, etc., that I should confirm aren't getting in the way of MVC?
Also, in the global.asax.cs file, should the default route be different? By default, the url parameter passed to routes.MapRoute is:
"{controller}/{action}/{id}"
Should it be preceded by the name of the sub-application, like so?
"SubApplicationName/{controller}/{action}/{id}"
I attempted a change like that, but it did not fix things.
Any ideas are much appreciated. Also, general information about setting up an MVC web application as a sub-application would be great.
Thanks.
I did something similar, however not the same, I had to load views from a separate dll. In my case it was a class library, not a different web app, but it should work the same as far as I know.
The first thing you have to do is to create a VirtualPath Provider to tell the routing engine how to look for your stuff in the subapplication views. A great explanation of how to do this can be found here:
http://www.wynia.org/wordpress/2008/12/05/aspnet-mvc-plugins/
I'm sure that will get you started ;)
Make sure that you haven't made any spelling mistakes in the names of your Views directories. I was receiving the same error message and after 30 mins of head scratching realized that I had misspelled the folder name for one of my Views. The IDE did not pick this up in any meaningful way (i.e. it would have been nice if it explicitly told me that the path to the view that I was referencing was not correct -- "not found" could mean a few different things).
Sub application doesn't suite to MVC web application directly. you have to write a lot of hacked code in global.asax. Use sub domain rather than sub application.