I have a link to resource
http://example.com/category/id/../test1.html
when I request this resource, on the server I see url without escaped id and double /../ dots
I try to catch these dots in global.asax Application_BeginRequest, in custom modules, in IIS logs, result is the same url is without id and /../
http://example.com/category/test1.html
At which level I can extract id?
As far as I know, if we use ../ in the url this means parent path, so the browser will auto generate the new url instead of the old one. This browser action, we couldn't modify it by using url rewrite or something else, since the url come to the server has alread been modified.
In my opinion, the only way to get the ID is you should modify the url format or encode the url.
Related
I have URLs stored in a database where the spaces are encoded as +.
When the browser requests these urls the web server returns a 404 response.
These URLs are all for static images stored on the web server in the wwwroot folder.
If I manually change the + for %20 then the image is returned correctly.
Is this a deliberate change in ASP.Net Core or is this a bug?
If it's deliberate, then it's going to be very painful for me going through the database and re-encoding all the URLs, many of which are embedded in HTML snippets (I know storing HTML in the DB or having spaces in image files aren't a good idea but it was done long before I joined the company and that's the state we're already in).
I'm using ASP.Net 2.1, running on .Net Framework.
It's running through IIS Express at the moment (during development) but will be deployed with full IIS.
I have seen this other question but it's specifically to do with API calls and the answer doesn't seem to be applicable to my question as there are no routes to change as I'm requesting static image files.
Edit: Extra detail
The html is output using #Html.Raw(html)
The resulting html output to the browser is of the form
<img src="/BorderThemes/grey+4px+rounded+corners_TL.png" />
The Html was generated on the server and then stored in the DB so we can be confident it's safe to output to the browser and, no, I have no idea why anyone would do that rather than building the HTML when it's needed but it was before my time and it's the situation I'm already in.
Update:
I've looked deeper into this and if I enter http://localhost:8000/BorderThemes/grey+4px+rounded+corners_TL.png into my web browser I get a page from IIS saying Http Error 404.11 saying that my URL is double encoded and linking to here for more information. This does include instructions on how to allow double-encoding but with warnings that it can have security consequences.
If I enter the url http://localhost:8000/BorderThemes/grey%204px%20rounded%20corners_TL.png I get an image back.
I was having issues with paths / html stored in the DB but after experimenting, it appears that System.Net.WebUtility.UrlEncode encodes spaces as +. For example WebUtility.UrlEncode("foo bar.png") returns foo+bar.png, which is rejected as double-encoded by IIS.
Am I missing something or is Microsoft's function for encoding URLs encoding the URLs in a way that Microsoft's web server rejects?
If you want %20 instead of + tryusing EscapeDataString to encode URI :
Uri.EscapeDataString(someString);
Refer https://stackoverflow.com/a/50682381/704008
But you have already generated url & can'e do anything now so try using HtmlDecode like
System.Net.WebUtility.HtmlDecode.HtmlDecode(html);
I am not sure it best to use with Raw or some method exists like decode in #Html but try using :
#Html.Raw(System.Net.WebUtility.HtmlDecode(html))
Refer:
https://learn.microsoft.com/en-us/dotnet/api/system.net.webutility?view=netstandard-2.0
https://learn.microsoft.com/en-us/dotnet/api/system.net.webutility.urldecode?view=netstandard-2.0#System_Net_WebUtility_UrlDecode_System_String_
I'm currently working with an email confirmation after registration using ASP.NET Identity.
This library provides a token generation which is needed to complete the registration. This token is used in our application in the following path:
https://localhost/#/account/{token}/setup
And the token is generated by invoking:
var emailToken = _userManager.GenerateEmailConfirmationToken(newUser.Id);
Once I have my token generated, I add it in the path by doing a string.Format this way:
string.Format("https://localhost/#/account/{0}/setup", HttpUtility.UrlEncode(emailToken));
The result looks like this:
https://localhost/#/account/AQAAANCMnd8BFdERjHoAwE%2fCl%2bsBAAAA6gbQhGTTMUWVHDgOwC9T9AAAAAACAAAAAAAQZgAAAAEAACAAAAAqo%2fiAv8iIn7Zox9pS3MOUMVNisAo7Bnada6%2f9wKEe6wAAAAAOgAAAAAIAACAAAABUu7WkD9vHvN2EDz2%2bqGwvJ4j6gj%2f4PaBTbI861jfEcWAAAADJV74LZjKAXv5v1FqYVuWLyTpPBCnLfopSi3rsEEwMHFKwltHL3moL2h%2fvYVs%2fu3LB%2br5Qytuu%2fZYOUWQTY5KzBqHeZoi7RJ02emDI0NTRhIKxfSGGIdbYxuAjsW14G0BAAAAACsC8L%2bdUDzFMgKUOkxWhKofAz8L0mH5VFEt8Oq%2fKYsxIiu4fiA2sGlPfDhhKQnV2lg%2ba8qHydUjqmyfxNex0Pg%3d%3d/setup
but when I open this url in the browser I get:
...and so on!
What I see is that the url is encoded correctly in the body of the email, but is decoded when I open it in the browser by replacing the encoded "%2f" to "/". This leads to an invalid route in my application being that I expect the "/" to be a separator between different resources.
Any thoughts of this behaviour?
References:
Another guy with my problem too
It's probably decoding it because it considers it part of the path.
I would suggest you explicitly treat it as a parameter. That will tell the browser not to decode it. For instance, instead of having this path:
https://localhost/#/account/AQAAANCMnd8BFdERjHoAwE%2fCl%2bsBAAAA6gbQh..........
Use this path:
https://localhost/#/account/?t=AQAAANCMnd8BFdERjHoAwE%2fCl%2bsBAAAA6gbQh......
Notice the addition of ?t= after the end of the account path.
Then consume the t parameter in your application. That will tell the browser that the value at the end is not to be decoded as part of the path but rather preserved in encoded form because it's a parameter.
This would obviously change the path you have (because of the setup part) so adjust accordingly.
In my Project i don't want to show query string values to users. For that case i used URL Rewriting in asp.net. So my URL Looks like below.
http://localhost/test/default.aspx?id=1
to
http://localhost/test/general.aspx
The first URL will be rewrites to second URL, but it will still executes the default.aspx page with that query string value. This is working fine.
But my question is that, is there any way the user can find that original URL in browser?
The answer is no.
The browser can't tell what actual script ended up servicing the request - it only knows what it sent to the server (unless the server issued a redirect, but then the browser would make a new request to the redirect target).
Since URL rewriting takes an incoming request and routes it to a different resource, I believe the answer is yes. Somewhere in your web traffic you are requesting http://localhost/test/default.aspx?id=1 and it is being rewritten as the new request http://localhost/test/general.aspx.
While this may hide the original request from displaying in the browser, at some point it did send that original URL as an HTTP GET.
As suggested, use Firebug or Fiddler to sniff the traffic.
I figured answer for my question. We can easily found the rewritten urls. If we saw the view source of that page in browser then we can see that original url with querystring values.
I have an ASP.NET 4 HttpModule (see code below). When the url path starts with "/1.0" I want Cassini/IIS to go to MyService.svc. However, I don't want to show "MyService.svc" to the user (i.e. no update to the url in the browser). I want the user to see "www.something.com/1.0".
I was pretty sure that RewriteUrl isn't supposed to change the browser url, but in my case it does. Any idea why?
public void Init(HttpApplication context)
{
context.BeginRequest +=
delegate
{
HttpContext ctx = HttpContext.Current;
const string BasePath = "~/1.0";
if (path.StartsWith(BasePath, StringComparison.OrdinalIgnoreCase))
{
ctx.RewritePath("~/MyService.svc", "this/is/a/path", string.Empty, false);
}
};
}
P.S. I cannot use ASP.NET Routing because of the period/dot in the Url (see ASP.NET MVC Route IDs with a period).
Looks like you have the same problem as described here:
ASP.NET RewritePath not working as expected / URL in browser changing
Add the trailing slash to the url:
ctx.RewritePath("~/MyService.svc/", "this/is/a/path", string.Empty, false);
Also, I'm not sure if WCF engine would preserve PathInfo for you. Possibly you'll have to pass parameters with the URL as QueryString.
You need url routing of ASP.NET, and it's available since .NET 3.5 SP1.
For your case, I think it's easier to "route" instead of rewriting, and it's simpler to use.
Why? MSDN said this:
In ASP.NET routing, you define URL patterns that contain placeholders
for values that are used when you handle URL requests. At run time,
the pieces of the URL that follow the application name are parsed into
discrete values, based on a URL pattern that you have defined. For
example, in the request for
http://server/application/Products/show/beverages, the routing parser
can pass the values Products, show, and beverages to a handler for the
request. In contrast, in a request that is not managed by URL routing,
the /Products/show/beverages fragment would be interpreted as the path
of a file in the application.
You can also use the URL patterns to programmatically create URLs that
correspond to the routes. This enables you to centralize the logic for
creating hyperlinks in your ASP.NET application.
ASP.NET Routing versus URL Rewriting
ASP.NET routing differs from other URL rewriting schemes. URL
rewriting processes incoming requests by actually changing the URL
before it sends the request to the Web page. For example, an
application that uses URL rewriting might change a URL from
/Products/Widgets/ to /Products.aspx?id=4. Also, URL rewriting
typically does not have an API for creating URLs that are based on
your patterns. In URL rewriting, if you change a URL pattern, you must
manually update all hyperlinks that contain the original URL.
With ASP.NET routing, the URL is not changed when an incoming request
is handled, because routing can extract values from the URL. When you
have to create a URL, you pass parameter values into a method that
generates the URL for you. To change the URL pattern, you change it in
one location, and all the links that you create in the application
that are based on that pattern will automatically use the new pattern.
See ASP.NET Routing in MSDN Library.
I'm using an API which, given a url, redirects to a file on the server. The file names have "_s,_m and _l" appended to the end (small, medium, large). However, since the url's querystring is parsed dynamically, I don't retrieve the actual file name. The image displays correctly, but is it possible to retrieve the filename of the image file from the code? (i.e. where the url has redirected to)?
e.g. http://api.somesite.com/getimage?small (this is what I enter)
"http://somesite.com/images/userimage_s.png" (this is where it redirects to. I would like to get this address from code)
Thanks for any advice
Sounds to me like you are trying to access some images you shouldn't access programmatically ;-)
You could access the given URL with an HTTP client (opening the stream with a stream reader might already suffice) and watch out for a Location header, which will most likely contain the URL you are searching for.