I have a redirect on global.asax application_error function. When i'm debugging, every exception is treated by the function. When i am running application on web server, appears the error default page of the IIS. I have IIS7 and Visual Studio 2005.
Best regards!
IIS actually also has a fourth type of error page it can show. This page will be returned when you configure HTTP Errors to use a custom error page and a problem occurs when IIS tries to render it.
When IIS received a request for a given page in the demo application, it passes it to the ASP.NET runtime to be handled. The runtime generates a response which IIS then examines. IIS will potentially take action and replace this response if the response has an HTTP status code that is an error status code.
- If existingResponse is set to PassThrough, IIS takes no action and
the response is returned unaltered.
- If existingResponse is set to
Replace, IIS replaces the response with its own, according to the
value of the errorMode attribute so it will either replace it with a
detailed, a basic, or a custom error page.
- If existingResponse is set
to Auto, IIS replaces the response generated by ASP.NET with its own,
unless something called the SetStatus flag is set. (I will discuss
that flag later in this post.)
http://perspectivespace.com/error-handling-in-aspnet-mvc-3-part-2-custom
Related
We got the following problem:
I am currently developing a web server implementing a specific API. The association behind that API provided specific test cases I'm using to test my implementation.
One of the test cases is:
5.3.2.12 Robustness, large resource ID
This test confirms correct error handling when sending a HTTP request with a very long location ID as URL parameter.
The url its calling looks something like this:
https://localhost:443/api/v2/functions/be13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005ebe13789-1f1e-47d0-8f8a-000000000005
Basically the tests checks, if my server responds with the correct error code if the URL is too long. (At the time of writing it is testing for Errorcode 405, but I already asked them if it shouldn't be 414)
I'm developing the server in Asp.Net 6 and it always returns Bad Request 400 in the testcase.
I don't seem to find a place to change the handling for this behaviour and I am not even sure, if I can, or if the IIS is blocking the request even before it reaches my server. I activated logging in IIS, but the request does not show in the logfile in inetpub/logs/LogFiles.
My question would be, if it is possible to tell IIS to return a different error code in this case, or if it is even possible to handle the error in my application.
What I tried:
Activating IIS Logs to see if the request is even passed to my site. (It did not)
Tried adding Filters to my Controller to see if I can catch an Exception
Checked, if Development Error Sites are called.
Breakpoints in existing middlewares are not reached.
EDIT:
I am now pretty sure now, that the request never reaches my application.
It is possible to reproduce the error by using the default site the IIS generates on windows. Just copy the whole path from above into a browser with the host http://localhost will also just produce the error 400
EDIT 2:
As #YurongDai pointed out, I tried activating failed request tracing for my IIS Site. I used the default path \logs\FailedReqLogFiles.
The folder was created, but no file is written, when I'm opening the URL above in my browser.
IIS Error 400 occurs when the server is unable to process a request sent to a web server. The most common cause of Bad Request error 400 is an invalid URL, but it can happen for other reasons as well. To resolve IIS Error 400, first make sure that you have entered the URL correctly, typos or disallowed characters in the URL are the most common causes of Bad Request errors. If the error persists after verifying the URL, please clear your browser's cache, DNS cache, and cookies and try again.
Clear your browser's cookies.
Clear your browser's cache.
Clear your DNS cache.(Execute the following command in the command prompt window: ipconfig /flushdns)
I am upgrading a Web project from Windows XP / Visual Studio 2010 to Windows 8.1 and Visual Studio 2013. When I do this I get a migration report showing two warnings and 15 other messages, none of which appear to be of any consequence. I then adjust the target framework for the web project to 4.5.1 and run the project.
This displays the web page as I expect, but any interaction with it (selecting a new item on a pull-down, for instance) results in the error:-
HTTP Error 405.0 - Method Not Allowed
The page you are looking for
cannot be displayed because an invalid method (HTTP verb) is being
used.
Attempting to discover the reason for this, I find all the source code (.aspx files, .cs files, .config files and .css files) are all missing. Fortunately I can recover them from the backups that the migration process made, but this is still rather alarming. Can anyone tell me how to prevent this? What project setting might be responsible?
Edit I have tried copying the code back into the project directory after displaying the web page for the first time. Selecting a new item on the pull-down then works, but deletes the source code again. So the HTTP error appears to be a consequence of the page being actually missing during the post-back.
The page you are looking for cannot be displayed because an invalid
method (HTTP verb) is being used.
Cause 1
This problem occurs because the client makes an HTTP request by using an HTTP method that does not comply with the HTTP specifications.
Resolution :
Make sure that the client sends a request that contains a valid HTTP method. To do this, follow these steps:
Click Start, type Notepad in the Start Search box, right-click Notepad, and then click Run as administrator.
Note If you are prompted for an administrator password or for a confirmation, type the password, or provide confirmation.
On the File menu, click Open. In the File name box, type %windir%\system32\inetsrv\config\applicationhost.config, and then click Open.
In the ApplicationHost.config file, locate the tag.
Make sure that all the handlers use valid HTTP methods.
Save the ApplicationHost.config file.
Cause 2 :
This problem occurs because a client makes an HTTP request by sending the POST method to a page that is configured to be handled by the StaticFile handler. For example, a client sends the POST method to a static HTML page. However, pages that are configured for the StaticFile handler do not support the POST method.
Resolution :
Send the POST request to a page that is configured to be handled by a handler other than the StaticFile handler (for example, the ASPClassic handler). Or, change the request that is being handled by the StaticFile handler so that it is a GET request instead of a POST request.
Reference
The program when it runs uses old scratch files; when it starts up it deletes them; it determines these by deleting all files of the form:-
HttpContext.Current.User.Identity.Name + "*.*";
which at one time deleted all the files intended. On the new Windows 8 machine, the HttpContext.Current.User.Identity.Name resolves to the null string, with the inevitable consequences...
Please excuse me while I curl up with embarrassment.
As strange as this may sound, I've been getting a Bad Request (error 400) response from IIS whenever I post a form that has an invalid date in a datetime field, as if IIS knows it's supposed to be a datetime value and is validating it somehow.
UPDATE (added more information)
It's an ASP.NET / MVC 4.0 website.
All datetime fields in the model are declared as string (for other
reasons), so I don't think it's model validation.
This behavior only occurs in one of the servers, all other machines (developer and servers) are ok.
UPDATE 2 (added more information)
It's seems to be a proxy related issue. When accessing the site locally, it works. When accessing it from another computer, returns bad request.
UPDATE 3 (add more information)
Ruled out the "proxy hypothesis". I enabled request tracing in IIS, this was logged:
ModuleName: ManagedPipelineHandler
Notification: 128
HttpStatus: 400
HttpReason: Bad Request
HttpSubStatus: 0
ErrorCode: 0
Notification: EXECUTE_REQUEST_HANDLER
ErrorCode: A operação foi concluída com êxito. (0x0)
I have two posts:
btnProcessarAutuacao=Processar&IdAutuacao=5000038&DataLimiteIdentificacaoCondutor=31%2F12%2F2013+00%3A00%3A00&DscMensagemErro=Numero+do+auto+de+Infra%C3%A7%C3%A3o+A151515+para+o+Orgao+autuador+100107+j%C3%A1+foi+digitalizado&Placa=GVQ3641&AIT=A151515&CodInfracao=7471&DscInfracao=EXC.VELOC.ALEM+50%25+MAX++++++++&CodOrgaoAutuador=100107&DscOrgaoAutuador=GOVERNO+DO+DISTRITO+FEDERAL&DataEmissao=09%2F01%2F2014&DataInfracao=31%2F12%2F2013&HoraAutuacao=10%3A10%3A00&CodMunicipio=643&DscMunicipio=643&Local1=p_local145&Local2=p_local245&X-Requested-With=XMLHttpRequest
2)
btnProcessarAutuacao=Processar&IdAutuacao=5000038&DataLimiteIdentificacaoCondutor=31%2F12%2F2013+00%3A00%3A00&DscMensagemErro=Numero+do+auto+de+Infra%C3%A7%C3%A3o+A151515+para+o+Orgao+autuador+100107+j%C3%A1+foi+digitalizado&Placa=GVQ3641&AIT=A151515&CodInfracao=7471&DscInfracao=EXC.VELOC.ALEM+50%25+MAX++++++++&CodOrgaoAutuador=100107&DscOrgaoAutuador=GOVERNO+DO+DISTRITO+FEDERAL&DataEmissao=31%2F02%2F2014&DataInfracao=31%2F12%2F2013&HoraAutuacao=10%3A10%3A00&CodMunicipio=643&DscMunicipio=643&Local1=p_local145&Local2=p_local245&X-Requested-With=XMLHttpRequest
The second post sends and invalid date (02/31/2014) for the "DataEmissao" parameter and IIS responds with error 400 (Bad Request). The first post has a valid date for the same parameter, IIS responds with OK (200).
That's the only difference I could find in these requests.
Any clues to what is happening?
Finally got it figured out.
I'm doing custom server-side validation, and whenever some field has an invalid value, I set the response code to 400 (Bad Request) and return a custom error message.
When testing locally, my custom error message goes through. When testing remotely, my custom message is replace with a default IIS error page.
All I had to do was add this to web.config:
<system.webServer>
<httpErrors errorMode="Detailed"></httpErrors>
</system.webServer>
So that my custom response text goes without being replaced by the IIS default message.
Got the answer from here: Custom 400 with message being overwritten.
This isn't strange at all :)
IIS doesn't know what the data-type of the query string parameter is supposed to be, but the application framework does. For example, if this is an ASP.NET web-page, then the ASP.NET runtime could be generating the 400, or, alternatively, a programmer could have implemented a check on the type and manually set the return code to 400.
Without more details (and some code!) it's impossible to say precisely where the 400 is being generated, but it will be along these lines...
I have a strange problem and I'm looking for some debug pointers. When a page has been removed from a site I do the following:
Response.StatusCode = 410;
Response.Status = "410 Gone";
return View("PageRemoved");
In the dev environment it works fine. In prod, the browser simply prints: "The page you requested was removed." but the View is not rendered. The 410 status is returned in both environments. At one point this was working in prod but I don't know when.
Is it possible that IIS is intercepting the 410 return code and printing this message? If so, where in IIS would this have been setup? How would you debug this? (I've put log statements in the code and the code path is identical in both environments.)
It is possible that IIS is intercepting error responses and serving a custom page. You can set a custom error page for 410 errors in IIS that will execute a specified URL on your site (or a static page if you'd like). You can find this option in Your Site > Error Pages > Add.
You can also try the following in your controller action before returning the result:
Response.TrySkipIisCustomErrors = true;
I created a simple page using the code provided by this page (the first sample):
http://www.dotnetopenauth.net/developers/code-snippets/programmatic-openid-relying-party/
But I can't seem to get it to work, I can redirect to the provider but when the provider redirects back to my page, I get error 500, "The request was rejected by the HTTP filter".
I already checked ISAPI filters which I have none.
I've never seen that error before. Is this page hosted by the Visual Studio Personal Web Server (Casini) or IIS? I suspect you have an HTTP filter installed in IIS (or perhaps your web.config file) that is rejecting the incoming message for some reason.
Note that you need to turn off ASP.NET's default page request validation on any page that can receive an OpenID authentication response because those responses can include character sequences that look like HTML/Javascript-injection attacks but in fact is harmless.
I discovered that I'm using Isa in the server, so I just followed this instructions to get it working.
http://blog.brianfarnhill.com/2009/02/19/sharepoint-gets-the-error-the-request-was-rejected-by-the-http-filter/