In my event logs I am have an warning appear:
Log Name: Application
Source: ASP.NET 4.0.30319.0
Date: 10/24/2011 11:14:18 PM
Event ID: 1309
Task Category: Web Event
Level: Warning
Keywords: Classic
User: N/A
Description:
Event code: 3005
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ASP.NET 4.0.30319.0" />
<EventID Qualifiers="32768">1309</EventID>
<Level>3</Level>
<Task>3</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2011-10-25T03:14:18.000000000Z" />
<EventRecordID>18706</EventRecordID>
<Channel>Application</Channel>
<Security />
</System>
<EventData>
<Data>3005</Data>
<Data>An unhandled exception has occurred.</Data>
<Data>10/24/2011 11:14:18 PM</Data>
<Data>10/25/2011 3:14:18 AM</Data>
<Data>6076bff060b440559ee331b549fac246</Data>
<Data>1629</Data>
<Data>322</Data>
<Data>0</Data>
<Data>/LM/W3SVC/1/ROOT-1-129637748517321437</Data>
<Data>Full</Data>
<Data>/</Data>
<Data>C:\inetpub\wwwroot\</Data>
<Data></Data>
<Data>168</Data>
<Data>w3wp.exe</Data>
<Data>IIS APPPOOL\DefaultAppPool</Data>
<Data>HttpException</Data>
<Data>
A potentially dangerous Request.Path value was detected from the client (:).
at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)
</Data>
<Data>
</Data>
<Data>False</Data>
<Data>
</Data>
<Data>IIS APPPOOL\DefaultAppPool</Data>
<Data>555</Data>
<Data>IIS APPPOOL\DefaultAppPool</Data>
<Data>False</Data>
<Data>
at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)
</Data>
</EventData>
</Event>
My users are accessing an RD Web page from outside the network. I have recieved no reports of failure to access the page or launch the application, and I have tested it. The only thing is that I have noticed is that you will need to launch the application more than once to get it to run.
In order to access the RD Website users type https://rdwebpage.com
They see a web page with login box. The user logs into the web page
They see the published application, the user clicks on the application it launches the RDP login, the user sings in it looks like everything is working but the application does not launch.
The user clicks a second time on the application, follows the same steps and the application opens no issues.
It looks like the cause is the url being passed instead of the expected "https://rdwebpage.com"
I see:
" http://rdwebpage.com/https:/rdwebpage.com/RDWeb/Pages/en-US/default.aspx"
The result if you look at that web page is:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the
exception can be identified using the exception stack trace below.
Stack Trace:
[HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (:).]
System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +11481611
System.Web.PipelineStepManager.ValidateHelper(HttpContext context) +184
Version Information:
Microsoft .NET Framework Version:4.0.30319;
ASP.NET Version:4.0.30319.237
Any ideas would be helpful most of what I have seen on the web is passing characters but that is not the issue. I am not sure where the url is coming from.
It sounds like there might be an improperly coded URL somewhere within the system. This can happen with web pages with links that the browser doesn't understand.
For example, if you had a link like this on this page
<a href="stackoverflow.com>Stack Overflow</a>
the browser would actually link to http://stackoverflow.com/questions/7911435/stackoverflow.com.
Using your http://rdwebpage.com/https:/rdwebpage.com/RDWeb/Pages/en-US/default.aspx it looks like you could possibly be missing the second / after the original protocol.
Make sure that the link on the login page points to https://rdwebpage... and not https:/rdwebpage...
Related
I am using Windows 10 Pro, and am running a .NET Core 3.1 application on top of IIS Express 10.0.1741 in Visual Studio 2019, version 16.7.6.
I have created a Razor page to upload a file with the exact code from this blog:
https://www.learnrazorpages.com/razor-pages/forms/file-upload
Setup for the issue: run the program (debug or release), navigate to the page using Brave browser (normal or private), and open the file upload dialog window.
Everything is fine at this point.
When the file dialog is closed, either by selecting a file or by hitting cancel, IIS Express crashes with exit code -1.
There is an error message in the Event Log:
Log Name: Application
Source: Microsoft Security Client
Date: 11/2/2020 11:20:08 AM
Event ID: 5000
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: ****
Description:
The description for Event ID 5000 from source Microsoft Security Client cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
0x1
ProtectionManagement
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft Security Client" />
<EventID Qualifiers="0">5000</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2020-11-02T17:20:08.484614300Z" />
<EventRecordID>39640</EventRecordID>
<Channel>Application</Channel>
<Computer>****</Computer>
<Security />
</System>
<EventData>
<Data>0x1</Data>
<Data>ProtectionManagement</Data>
</EventData>
</Event>
But I can not figure out how to resolve this issue. I can't find logs, or dump files for IIS Express.
I have not been able to reproduce this on another Windows Server computer on the same network, with presumably the same security settings (though it is a server OS).
I have tried to sniff the packets using Fiddler, and there isn't a new HTTP packet that comes across when this happens, so it must be at a lower level on the IP stack (connection level maybe?)
I am worried about not understanding this, and it biting me again in the future.
Any ideas about what this might be?
I host a website that provides public API access for my customers to track their orders with an order number. I have allowed them to use both POST or GET (with URI parameter) to pass the order number to me. Some of them however wrote careless codes that passes illegal chars (asterisk, colon or incorrectly encoded asian characters), like this https://mycompany.com/tracking/orderno:ODR12345 which causes IIS to throw exception:
Exception information:
Exception type: HttpException
Exception message: A potentially dangerous Request.Path value was detected from the client (:).
at System.Web.HttpRequest.ValidateInputIfRequiredByConfig()
at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)
I have inherited Application_Error method to log this exception. But it still gets thrown as a 400 Bad Request error to user browser and leave an Event 1309 in my event viewer, hence spamming the log with it.
I know I can turn off illegal-chars-exam from Web.config universally but that's a security risk. I just want to be able to handle this exception myself: capture it, log it my own way, provide useful response to user and then suppress it so it doesn't pollute my system log. How can I do this?
UPDATE
Lex gave me an idea to rewrite the URL. What I think is, I can put the parameter into the query string instead of leaving it a part of the path, so that dangerous path error will disappear. I then wrote the following rule:
<rule name="TrackingRewrite" enabled="true" stopProcessing="true">
<match url="/tracking/(.*)" />
<action type="Rewrite" url="tracking?querystring={R:1}" />
</rule>
So that https://mycompany.com/tracking/orderno:ODR12345 becomes https://mycompany.com/tracking?querystring=orderno:ODR12345 and the correct action was executed and users gets a 200 response with tracking information. However - after the controller action returned, Applciation_Error call back still gets called with the "A potentially dangerous Request.Path value was detected from the client (:)." exception and system log was added. Breaking into the Applciation_Error call back and printing the Request.Url shows the original illegal URL, not the rewritten one. How does one to comprehend this behavior?
I want to setup health monitoring in my asp.net app (using .net 4.5).
In production we will log the health events to a separate database (along with other operational type data).
In development though I'd like to setup to use the event log so there isnt a need to setup the other database when developing.
I have got logging to the event log working however I don't know how I can filter out the event log events only for the ones for my application.
Looking at them an event looks like this
Log Name: Application
Source: ASP.NET 4.0.30319.0
Date: 29/07/2012 8:50:46 PM
Event ID: 1305
Task Category: Web Event
Level: Information
Keywords: Classic
User: N/A
Computer: scorpion
Description:
Event code: 1004
Event message: Application compilation finished.
Event time: 29/07/2012 8:50:46 PM
Event time (UTC): 29/07/2012 10:50:46 AM
Event ID: 41f9c898cda14f7685f5c448f13f806a
Event sequence: 10
Event occurrence: 4
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/5/ROOT-1-129880325799889790
Trust level: Full
Application Virtual Path: /
Application Path: c:\users\pyro\documents\visual studio 2012\Projects\MvcApplication3\MvcApplication3\
Machine name: SCORPION
Process information:
Process ID: 556
Process name: iisexpress.exe
Account name: scorpion\pyro
Custom event details:
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ASP.NET 4.0.30319.0" />
<EventID Qualifiers="16384">1305</EventID>
<Level>4</Level>
<Task>3</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-07-29T10:50:46.000000000Z" />
<EventRecordID>6775</EventRecordID>
<Channel>Application</Channel>
<Computer>scorpion</Computer>
<Security />
</System>
<EventData>
<Data>1004</Data>
<Data>Application compilation finished.</Data>
<Data>29/07/2012 8:50:46 PM</Data>
<Data>29/07/2012 10:50:46 AM</Data>
<Data>41f9c898cda14f7685f5c448f13f806a</Data>
<Data>10</Data>
<Data>4</Data>
<Data>0</Data>
<Data>/LM/W3SVC/5/ROOT-1-129880325799889790</Data>
<Data>Full</Data>
<Data>/</Data>
<Data>c:\users\pyro\documents\visual studio 2012\Projects\MvcApplication3\MvcApplication3\</Data>
<Data>SCORPION</Data>
<Data>
</Data>
<Data>556</Data>
<Data>iisexpress.exe</Data>
<Data>scorpion\pyro</Data>
</EventData>
</Event>
The only thing that might be useful is the application domain but it doesn't look like that there is a way to access that through an eventlogentry short of doing some kind of nasty parsing.
Is there something I'm missing here and I could actually set something in the log that would make it easier to filter out ones just for my app, I could look for the asp.net string but that doesn't guarantee its only going to get things directly related to my app.
If it isn't possible to do this without having to rewrite the provider, is there a better provider to use for a throw away kind of development scenario that doesn't require much setup.
I have installed Tridion UI 2012 folowing to the documentation and everything seems fine and I can use the UI features such as create a new page, modify an existing page and so on but everynow and then (I haven´t been able to limit when or why) I receive a "Bad Request" error when clicking the "Update Preview".
The detailed error is displayed in the Event Viewer:
Log Name: Tridion
Source: Tridion Publishing
Date: 10/07/2012 12:03:37
Event ID: 100
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: ZZZZZ
Description:
Unable to update or add Binaries using OData Service.
An error occurred while processing this request.
BadRequest
Component: Tridion.SiteEdit.FastTrackPublishing
Errorcode: 1003
User: NT AUTHORITY\NETWORK SERVICE
StackTrace Information Details:
at System.Data.Services.Client.DataServiceContext.SaveResult.<HandleBatchResponse>d__1e.MoveNext()
at System.Data.Services.Client.DataServiceContext.SaveResult.HandleBatchResponse()
at System.Data.Services.Client.DataServiceContext.SaveResult.EndRequest()
at System.Data.Services.Client.DataServiceContext.SaveChanges(SaveChangesOptions options)
at Tridion.SiteEdit.FastTrackPublishing.ServiceImplementation.SaveBinaries(RenderedItem renderedItem, ContentDeliveryService service)
at Tridion.SiteEdit.FastTrackPublishing.ServiceImplementation.SaveBinaries(RenderedItem renderedItem, ContentDeliveryService service)
at Tridion.SiteEdit.FastTrackPublishing.ServiceImplementation.Preview(IEnumerable`1 publishedItemsInfo, TcmUri publishingTargetId)
at Tridion.SiteEdit.FastTrackPublishing.ServiceImplementation.Preview(IEnumerable`1 publishedItemsInfo, TcmUri publishingTargetId)
at SyncInvokePreview(Object , Object[] , Object[] )
at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
Have you seen this error before? Any ideas how to avoid/repair it?
Regards
Emma
A little late to the party, but in my case this was caused by binaries that were too big.
You can pinpoint the issue in more detail by following the steps: (Tridion 2011, SP1, HR2, but I assume this is also valid for 2013)
On the CMS server, open the TcmServiceHost.exe.config and
uncomment the body of the following tag:
<system.diagnostics><sources>
Locate the <sharedListeners> tag and create the directory that is mentioned in the initializeData attribute (or update this setting)
Restart the TcmServiceHost service and click 'Update Preview'. The logfile shows up and you can open it in the SvcTraceViewer
Find the red entry and go from there.
To allow bigger binaries (consider the performance cost!) go to your OData Session Preview Service and do the following:
Open the web.config and locate the <bindings><webHttpBinding> (the relevant binding of course, but usually this is the webHttpBinding.)
Add a binding with the following properties (inside the <webHttpBinding> element):
<binding name="AdustedBindingConfiguration" maxReceivedMessageSize="2097152000"
maxBufferSize="2097152000">
<readerQuotas maxArrayLength="81920" maxBytesPerRead="5120" maxDepth="32" maxNameTableCharCount="81920" maxStringContentLength="2097152" />
</binding>
Locate the <services><service> tag and find the relevante service ('Tridion.ContentDelivery.Webservice.ODataService' and update the bindingConfiguration attribute to match the name of the newly added binding (AdjustedBindingConfiguration in this case)
Hit 'Update Preview' again
I haven't seen exactly this one, but something similar when my Session Preview Content Delivery Endpoint URL was misconfigured.
Reading the error description I would guess your endpoint URL (the Session Preview oData service) is up and running, but it might have some other issues. I would checkout if you can manually browse that oData service and if that looks okay perhaps check out its logfiles for more details.
On IIS this typically means an issue with the correct jars and DLLs, please check the following steps for that:
For the oData website, ensure DLLs are copied from the User Interface folder \Content Delivery\roles\webservice\dotNET\webapp\x86_64.zip\bin and jars are updated from \Content Delivery\roles\webservice\dotNET\webapp\x86_64.zip\bin
For the oData website, verify if web.config nodes "bindingConfiguration" attribute are correct
For Preview website, ensure DLLs are copied from the User Interface folder \Content Delivery\roles\web\dotNET\webapp\x86_64.zip\bin and all jars are replaced with contents from the User Interface folder \Content Delivery\roles\web\dotNET\webapp\x86_64.zip\bin\lib
For me, the solution was to increase maxReceivedMessageSize to "524288000" and maxBufferSize to "524288000" in the standard web.config of the Session Preview Webservice
<webHttpBinding>
<binding name="HttpBinding" maxReceivedMessageSize="524288000" maxBufferSize="524288000">
<readerQuotas maxArrayLength="81920" maxBytesPerRead="5120" maxDepth="32" maxNameTableCharCount="81920" maxStringContentLength="2097152" />
<security mode="TransportCredentialOnly">
<transport clientCredentialType="None" />
</security>
</binding>
The entire error:
Server Error in '/' Application.
The HTTP verb POST used to access path '/' is not allowed.
Description: An unhandled exception occurred during the execution of the current
web request. Please review the stack trace for more information about the error
and where it originated in the code.
Exception Details: System.Web.HttpException: The HTTP verb POST used to access
path '/' is not allowed.
Source Error:
An unhandled exception was generated during the execution of the current web
request. Information regarding the origin and location of the exception can be
identified using the exception stack trace below.
Stack Trace:
[HttpException (0x80004005): The HTTP verb POST used to access path '/' is not allowed.]
System.Web.DefaultHttpHandler.BeginProcessRequest(HttpContext context, AsyncCallback callback, Object state) +2871966
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +8679410
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +155
To be honest, I'm not even sure where the error came from. I'm running Visual Studio 2008 through the Virtual Server. I just put a button:
<asp:Button ID="btnRegister" runat="server" Text="Register"
CssClass="bt_register" onclick="btnRegister_Click" />
On a login user control, the onclick event is just a simple response.redirect
Response.Redirect("~/register.aspx");
Debugging the project, it isn't even hitting the btnRegister_Click method anyway. I'm not sure where to even begin with debugging this error. Any information will help. I can post all the code I have, but like I said, I'm not sure where this error is even being thrown at.
Edit
It has nothing at all to do with the button click event. I got rid of the method and the onclick parameter on the aspx page. Still coming up with the same error
problem found
Okay so this is for a school project and its a group project. Some one in my group thought it would be a good idea to wrap a form tag around this area telling it to post. Found it doing a diff with a revision on Google code.
Are you rewriting URLs?
it seems that there are problems with the url rewriting.
http://www.lukemelia.com/blog/archives/2007/01/05/aspnet-the-http-verb-post-used-to-access-path-is-not-allowed/
You have to remove the mapping of ‘*’ to aspnet_isapi.dll in yourIIS settings.
While a Canvas URL value has to end in "/", the Tabl URL can be a fully qualified page (e.g. http://[DOMAIN/DIRECTORY-PATH]/Default.aspx).
I'm working locally, so http://localhost:4604/Main/Default.aspx worked for me.