Where are the default Descriptions stored for the various ASP.NET HTTP errors hosted on IIS? Can they be accessed via code?
EG. The default error page for a 404 will include the following text:
Description: HTTP 404. The resource you are looking for (or one of
its dependencies) could have been removed, had its name changed, or is
temporarily unavailable. Please review the following URL and make
sure that it is spelled correctly.
Can we read this string via code?
I can catch an HttpException (I know a HttpException != HttpError) and do things like .GetHttpCode(), but I haven't seen anywhere detailing where the IIS error messages are stored and whether I can access via code.
It would be nice if I was able to reuse the default text in a custom error page when I don't want to come up with it myself.
UPDATE 1
Following one of the comments, I investigated IIS to see where it's Error Pages are configured. Sure enough, there is an Error Pages directory, defaulting to, for example "%SystemDrive%\inetpub\custerr\\404.htm", however these error messages are different from the ones that are shown by the web application (which I assume are generated by .NET).
EG
The resource you are looking for might have been removed, had its name
changed, or is temporarily unavailable.
These error pages are physical pages hosted on the web server, so accessing them via code is not the option I am seeking.
As suggested in the comments, these strings are resources within the System.Web assembly, and there's no systematic means of retrieving just the ones related to HTTP error codes1 (versus all of the other string resources within System.Web)
For example, this Console application, with a reference to System.Web:
using System;
using System.Resources;
namespace PlayAreaCSCon
{
class Program
{
static void Main(string[] args)
{
var rm = new ResourceManager("System.Web",
typeof(System.Web.HttpApplication).Assembly); //Arbitrary type
Console.WriteLine(rm.GetString("NotFound_Http_404"));
Console.ReadKey();
}
}
}
Generates this output2:
HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Note also that the fact that these strings are stored as resources is an implementation detail and not documented anywhere, so you'd have to accept that any code based on accessing these resources could be broken by any future updates to the .NET Framework (although it's unlikely to change in practice).
1By which I mean I had to use a decompiler to find the magic string "NotFound_Http_404" used in this sample. There's no logical way to go from that to the needed string for any other status code.
2On a machine where no effort has been made to select anything other than the en-US locale. YMMV.
Related
I have a browser-based InfoPath 2010 form. I'm getting an error opening the form in one environment. It works in at least three other environments. The error is:
The form template failed to load... Type: XmlException, Exception Message: For security reasons DTD is prohibited in this XML document. To enable DTD processing set the ProhibitDtd property on XmlReaderSettings to false and pass the settings into XmlReader.Create method.
I have seen this question posted around the Web, but the answers are vague and varied and are centered around products besides InfoPath. We also have other forms working in the environment where this form is failing, so it's something related to this particular form in this particular environment.
Problem solved. The error message was misleading, but turns out one of the data connections had a URL pointing to the wrong SharePoint farm. It was supposed to be pointing to the local form library. Cross platform calls tend not to work.
Basically make sure that the domain name in the connection file is matching the domain name where you're publishing your form.
For example, if your InfoPath form is located in:
https://extranet.MySiteName.com/The-Rest-Of-Your-Domain-Name
then make sure that all the domains (in this example extranet.MySiteName.com/)
in your data connection file match. The connection file line may look similar to this:
<udc:Query>
https://extranet.MySiteName.com/_vti_bin/My-WCF-Services/My-Data-ServiceName.svc/
</udc:Query>
I added WebResource.axd (empty file) manually in production environment (IIS7 and Windows Server 2008) after chrome and firefox was giving error 404 for WebResource.axd. And now it is working fine, even with parameters. I am not sure why ASP.NET generating this script in final render result (no problem with VS2008), but now it is working. I want to know, is there any security implications other than what normally associated with WebResource.axd as it is in root directory?
Thanks
I also had this issue recently, after a code change WebResource.axd stopped working for my site. Basically, it exposes dynamic resources over http. For a longer explanation visit:
Just where is webresource.axd?
Typically, what happens is that one of the dynamic resources being requested has failed, but the resource name is encrypted. This blog post will help you decrypt the name, use it and the query string of your failing webresource.axd?___ request to figure out where the error is coming from.
Telerik webresource troubleshooting
I found in the error logs of my website requests made to URLs containing invalid characters. The URLs that are requested are made of pieces of code, e.g:
/Templat<div class="right-se
*The URLs are always a mix of pieces of code. Different parts from different places in the same page. Liket the example above, which the first part is a path to the CSS file and the second is a HTML tag.
I have been analyzing all the errors found to try to find a pattern, but no luck. They happen in different pages, of different types.
The only two pattern I seem to find is that all the URLs or most of the start with '/Templates' or a piece of that text '/T' and that all the errors are in IE7 and IE8
This is the error shown in the logs:
Class and function: Global.asax.Application_Error
Exception type:
Message: RawUrl: /T <div id=
Referrer path and query: /aboutus
User web browser: IE. Version: 8.0.
A potentially dangerous Request.Path value was detected from the client (<).
Stack trace: at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)
I have not been able to reproduce the error in the test environment or production, and don't know really where to start looking at my code.
The website is made in ASP .NET running in IIS7 with .NET 4.0
Thanks
ASP .Net does a request validation for preventing different "hacking" attacks. When an input looks like that, it raises these errors.
Many crawlers scan websites, some might be asked to do this (your company paid for) other simply to find vulnerabilities and exploit them. The requested URLs might not look with something you have in the sitemap.
I have an application in asp.net.I configured it in IIS.When i running this application in IIS i getting an error;
Server "/" error:
Resource Cannot be Found
Error:404
Some of pages only produce this issues.Other forms are working perfectly.Without running application in IIS Its working perfectly.
If any one can answer plz send the answer immediatly.
Thank you
I assume that the urls for some of your pages are malformed.
Check in your app how you are building the paths.
Personally, i use to have a class like PathsUtil, where i build all of my paths for the pages,
so when i'm moving to IIS, it's extremely easy just to correct something (for instance add a virtual dir etc).
Update:
- for the PathsUtil i use Paths.resx where i have defined all of my paths like
Name Value
index /Site/index.aspx
add.user /Site/addUser.aspx
and so on.
And in PathsUtil i only take the value from the Paths.resx and i build the url:
string baseUrl = getBaseUrl() + (String)HttpContext.GetGlobalResourceObject("Paths", "index");
I've just moved to an IIS7 server, and there i've created a virtual dir "gramma"
You can note that was a piece of cake only to add "/gramma" in Paths.resx, in front of each url :)
Look for the Response.Redirect() calls in the page previous to the form you are getting the error. Just make sure that any harcoded URL for the form supplied to the Response.Redirect() call is correct.
EDIT..
Also, look for If you are navigating to a form which is in a different directory than the current one. For example:-
Response.Redirect("../SomeForm.aspx");
will redirect to an ASPX page just one level up of the current one. Each pair of dots implies one directory level up.
In thses cases, I think, you are better off using ~ (tilde) character which will always take the path from the root. So the mistakes happening because of incorrect number of dots can be minimised.Try something like this:-
Response.Redirect( this.ResolveUrl("~/Myfolder/SomeForm.aspx") );
More details for the ~ and ResolveUrl here.
This can also happen If you have window.location calls in javascript if you assign an incorrect URL to the same.
I cannot get the URL rewriting module to work on my local PC (vista x86)
i set up a new rule using the 'user friendly url' template.
a picture rather than 1000 words....
(the image contains 3 shots - creation, config and pattern test)
http://www.sk8loc8.com/rewriteIssue.jpg
so now that is setup if i request 'localhost/iisrewriteurl/content/5 i should see my content.aspx page.
nope...
Error Summary
HTTP Error 404.0 - Not Found
The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
Detailed Error Information
Module IIS Web Core
Notification MapRequestHandler
Handler StaticFile
Error Code 0x80070002
Requested URL IISRewriteURL/content/5/
Physical Path C:\Users\Guy\Documents\Visual Studio 2008\Projects\IISRewriteURL\IISRewriteURL\content\5\
Logon Method Anonymous
Logon User Anonymous
When i go back into the rule itself and test the patterns that IIS made for me, they do not work..
I have tried adding a wildcard script map under the handler mappings section but this makes no difference.
Has anyone seen this type of behaviour before? Or am i missing something very simple?
If you test the pattern you dont need the Host
I always just create Blank Rules and not had a problem that way since not sure if it matters though. I cannot discover why that rewrite wouldnt work perhaps other rules are blocking it?
Alternatively you may have a look at Helicon Ape product that emulates Apache modules behavior on IIS7. It has simpler syntax and Helicon Ape Manager automatically checks the syntax of the rules you write.