I'm facing a rather weird issue. I have an ASP.Net website that basically allows users to deposit money into a fake account. I have some validation on the input amounts and it has a min value of 0.00. However, when I load the page and check "min value" it is 0,00 - so when the check happens on the backend the min value is 0,00 (note the separator) and it breaks/is invalid.
I set VS to use the correct culture in my config, I have set my decimal to default to use a full stop separator system side (in region/locale settings) and my IIS .Net Globalization is set to use the correct culture. However, whenever I load a page it defaults to 0,00 instead of 0.00. Is there anywhere else I need to change it?
When my friend hosts the same site on his PC the min value is 0.00 - we've checked and all our number formats and culture stuff seems the same. Is there anything I might be missing?
Your Windows/.NET Framework is probably a non-English installation? Did you use this line in your web.config
Example for US English:
<configuration>
<system.web>
<globalization uiCulture="en" culture="en-US" />
...
See: How to: Set the Culture and UI Culture for ASP.NET Web Page Globalization
Related
I have requirement to append USERNAME to the URL in server side using URL Rewrite module.
Why?:
I have website site1, when USER logs in to site1, he will see a link to site2., This link is URL or reports. (Tableau).
Authenticated ticket has been created using FormAuthentication in site1.
When USER clicks the link, authenticated username should be passed to site2.
I could append username from client side, but due to security issues I have to append username to URL in server side before it gets executed.
So I have decided to use URL rewrite provider, which grabs the username by decrypting the cookie value as shown below
namespace PlatformAnalysisUrlProvider.PlatformAnalysisProvider
{
class AnalysisRewriteProvider: IRewriteProvider, IProviderDescriptor
{
public void Initialize(IDictionary<string, string> settings,
IRewriteContext rewriteContext)
{
}
public string Rewrite(string value)
{
string[] cookievalues = value.Spli('=');
FormAuthentication ticket = FormAuthentication.Decrypt(cookievalues[1]);
//Decrypt throws error as shown below
}
}
}
Cookie Values
cookievalues [0] = has the key
cookievalues [1] = has the value
Example:
233AWJDKSHFHFDSHFJKDFDKJFHDKJFKDJFHDHFDHFKJHDFKJHDFJHDKJFHDSKJFHDF
It's a cookie value. But decrypt is not happening
I am getting following error
Unable to validate data.
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(
Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start,
Int32 length, IVType ivType, Boolean useValidationSymAlgo,
Boolean signData)
Here is my settings in IIS for URL Rewrite
Requested URL: Matches the Patterns
Using: Regular Expression
Ignore Case - Checked
Conditions -
Input : {HTTP_COOKIE}
Type : Matches the Pattern
Pattern : .*
Action Type - Rewrite
Rewrite URL - http://11.155.011.123{HTTP_URL}&USERNAME={PlatformAnalysisUrlProvider:{C:0}}
I have also set up MACHINE KEY as suggested by this forum
I have referred this post for development
One of the stack overflow post suggested that it might be firewall or antivirus issue. But I do not have antivirus installed or firwall enabled.
It really helps if someone direct me to code sample where web site hosted in IIS and URL Rewrite provider is used.
Updating Error Log
MODULE_SET_RESPONSE_ERROR_STATUS
Notification - "PRE_BEGIN_REQUEST"
HttpReason - "URL Rewrite Module Error"
Updating post with Machine Key Info
<MachineKey Description="AES" validation="SHA1"
descriptionKey="******"
validationKey="******" CompatibilityMode="Framework20SP2">
Reason May be - The website where cookie getting created is developed using .NET Framework 4.5. The provider where we reading the cookie is Framework 3.5. Is this may be the cause? OR Do we need config file for Provider project?
Updates - I have added machine key to Machine.config , but it still did not work :(
Alternative Solution
Add App.config to class Library
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<appSettings>
<!-- ... -->
<add key="SecurityKey" value="somevalue"/>
<!-- ... -->
</appSettings>
</configuration>
Copy config to GAC
Follow this blog - http://techphile.blogspot.in/2007/02/2.html
Encrypt the value (refer here) and create custom cookie during Login
Use the Decrption logic inside custom rewrite provider
The good thing about this is that the error is a general decryption error and not one with URL Rewrite itself, so that gives you a wider area to search for help. The mechanics of URL Rewrite seem to be right.
Decrypting means that it must be encrypted by the same method as you're decrypting it. So it has to be the right cookie and the right decryption method.
Since you're not checking which cookie that you're reading from, you could get unexpected results if the wrong cookie is first in the list of cookies.
Here are some steps that I recommend to troubleshoot this:
Create a simple URL Rewrite rule that will give you the value of your cookie. I created a rule to do that in my example below. You can test it by going to yoursite.com/getcookie. It should redirect to yoursite.com/?Cookie={cookievalue}
Then you can test your code outside of the URL Rewrite provider. You can create a simple console app or winforms app to test the rest of the code.
I recommend adding a check for the existence of the cookie and then a check again for the 2nd value. For example: if (cookievalues[1] != null).
When developing the decryption method, you don't have to worry about URL Rewrite. As long as it works in a test app in .NET then you should be set.
<rule name="Get cookie value" stopProcessing="true">
<match url="^getcookie" />
<action type="Redirect" url="/?Cookie={HTTP_COOKIE}" appendQueryString="false" redirectType="Found" />
</rule>
We are currently using version 7.0 of the kentico API to authenticate users into our system.
The following code is used to gain user details from the database and authenticate users.
UserInfo objUserInfo = AuthenticationHelper.AuthenticateUser(username.ToLower(), password.ToLower(), CMSContext.CurrentSiteName);
This has primarily been working correctly, but we are having issues with usernames and passwords that contain any of the following characters.
" ! # ' / \ > < * -
Is there any settings that I need to be aware of (web.config or otherwise) that would stop the API from accessing an account where a username or password contained special characters?
Looks like there is according to the documentation. Check into this web.config key:
<add key="CMSUserValidationRegEx" value="([A-Za-z0-9-]+)" />
Sets custom regular expression used for user name validation (used when new accounts are created or when existing usernames are modified).
The default value is "^[a-zA-Z0-9_\-\.#]+$".
If the CMSEnsureSafeUserNames key is set to false, the following regular expression is used by default: "^[a-zA-Z0-9_\-\.\\#]+$".
The only thing I can't tell for 100% is if it is purely for the AD Import of users or ALL users. It looks to be used on any call to ValidationHelper.IsUserName, so it is pretty safe to assume it is in play everywhere.
Source: http://devnet.kentico.com/docs/7_0/devguide/index.html?web_config_parameters.htm#forbidden_chars_users
Also the internal message when you try to create a user with those characters complains too. SO this would tell me that it is in play everywhere.
on a developer machine (cassini)
new DateTime(2012,3,14).ToString("d")
results in
14/03/2012
which is correct but when deployed to a full IIS server the result is
03/14/2012
The server is set in control panel/Region language to all English/UK/GB, running date in command prompt returns the dd/MM/YYYY format.
The site is set for both uiCulture="en-GB" and culture="en-GB" and these show in the web.config globalization tag.
I can work around this issue by adding a forced culture
new DateTime(2012,3,14).ToString("d", new CultureInfo("en-GB"));
but I would really like to know what is setting the format incorrectly.
CultureInfo.CurrentCulture.Name, CultureInfo.CurrentUICulture.Name
both return en-US
en-US: M/d/yyyy (e.g. 3/14/2012)
en-GB: dd/MM/yyyy (e.g. 14/03/2012)
Actual value in web.config
<globalization requestEncoding="UTF-8" responseEncoding="UTF-8" uiCulture="en-GB" culture="en-GB" />
I managed to get it working by putting this into the web.config
<globalization culture="en-GB"/>
In your web.config add
<globalization culture='auto' uiCulture='auto' />
and then, assuming the browser is correctly configured to pass the preferred locale, the worker thread processing the request will have its CurrentCulture and CurrentUICulture set correctly.
Any locale dependent operations (including such things as DateTime format d) will use the client's preference.
Globalization element of web.config on MSDN: https://msdn.microsoft.com/en-us/library/ydkak5b9(v=vs.71).aspx
I have an article based website where users can login, post articles etc.
The url I am using for a registered user looks as follows (only example):
http://example.com/Author/1234/Screenname
Like you can see, I am passing through the ID (1234) and using the users screen name.
The Problem
Passing the ID is 100% fine, but once a user has a special character or anything that is not A-Z, it will return a 404 or a Bad Request page.
Problematic URL
See /Screen.name - I want to replace special characters, coz it will cause a Http error.
http://example.com/Author/1234/Screenname.
I want to use the Intelligencia UrlRewriter in the web.config (or any other global solution, e.g. global.asa) to replace special invalid url characters.
My current web.config rewriter code:
<rewrite url="^~/Author/(.+)/(.+)" to="~/Contributor_Profile.aspx?auID=$1&auN=$2" processing="stop" permanent="true"/>
Try this in your web.config
<httpRuntime relaxedUrlToFileSystemMapping="true" />
I'm just meddling in the ways of the RESTful web service in C# using ASP.Net 2.0 and have managed (via a class library, a reference to dll produced by the former and some adjustment of my web.config) to coax out a URI format like so:
http: //localhost/DevelopmentProject/testhandler/?input=thisismyinput
Which unremarkably just returns the input as a piece of text with the enlightening prefix "Your Input Was: "
I was under the impression that I could get the URI to become further ensmoothened to something more along the lines of:
http: //localhost/DevelopmentProject/testhandler/thisismyinput
and have the same result but have no idea how to get rid of the pesky "?input="
The entry to the httphandlers section of my web.config is (spaces added so code displays):
< add verb="*" path="testhandler/*" type="HandlerLib.testhandler, HandlerLib"/ >
I am running IIS 5.1 on the local machine, will this introduce a problem?
Essentially where am I going wrong?
Thanks.
One solution is to use UrlRewriting to rewrite the Url to what you need.
I use http://urlrewriter.net/ to do all my rewriting, and you could setup something like this in your scenario
<rewriter>
<rewrite
url="DevelopmentProject/testhandler/([\w]+)"
to="DevelopmentProject/testhandler/?input=$1" />
</rewriter>
This would remain "http: //localhost/DevelopmentProject/testhandler/thisismyinput" in your browser address bar, yet process as "http: //localhost/DevelopmentProject/testhandler/?input=thisismyinput"
You could implement URL rewriting, using something like URLRewriter.net
That would let you use the syntax you've mentioned.
I kinda cheated.
Try:
My Article About How I Got Round It
Change your config from:
< add verb="" path="testhandler/" type="HandlerLib.testhandler, HandlerLib"/ >
to:
< add verb="" path="testhandler/*" type="HandlerLib.testhandler, HandlerLib"/ >
Check out the value of Request.PathInfo in your handler's ProcessRequest function
with a URL like http://localhost/DevelopmentProject/testhandler/thisismyinput.
If that doesn't do it, make sure that IIS 5.1 is routing ALL requests to the aspnet_isapi.dll. (Although, it seems like it already is) This is the "Configuration..." button > "App Mappings" tab in your virtual directory in IIS.