(i've asked a similar question earlier, but this is a more specific question, thats why i start a new thread.)
I am at the beginning of a asp.net project where i maybe will use url rewriter. (for the first time)
I have a couple of users who have individual subdomains.. and in every subdomain each user has individually categories, sub categories and pages. so for example, a users webpage could look like:
user1.mydomain.com/category1/sub1/page1
user1.mydomain.com/category1/sub2/page45
user1.mydomain.com/category1/page123
user1.mydomain.com/category2/sub56/page134
as you understand these categoris and pages are dynamic, and i want to use url rewrite.
But due to large amount of users, i dont want one HUGE list of urlrewrites.
So my question is.
Is it possible to rewrite the URL multiple times?
first the web application check for the subdomain, which gives us some ID for the wep page.
user1.mydomain.com/category1/page1.aspx -> users.mydomain.com/category1/page1.aspx?accountID=1
and then depending on the, in this case, accountID checks for the correct "lookup table for url rewrites"
something like:
account1_url_list
account2_url_list
...
To get the correct url for the rest of the "pretty-url", in this case "/category1"
i guess that the web.config file cant handle so many url-rewrites?
And one other question.
What happens with urlrewrite when one of the users points his own domain to his page at my web application?
So that the adress bar in internet explorer, or firefox is something like:
www.user.com points at user1.mydomain.com
am I able to get the correct ID of that user?
Thanks!
Matte
Thanks for the reply.
Unfortionally i am not able to run a url rewrite on the IIS, i think. Only some kind o .net rewriter like
www.urlrewriting.net
I have a question regarding someone pointing his own domainname to my web application.
Is it possible to use the ”user1.”, ”user2” sub domain names to match the user to his account, or do I also have to use his domainname during the process to find his accountID?
Lets say user1 owns a domainname. www.user1domain.com
he points that domain to user1.mydomain.com
so the visible url is www.user1domain.com.
What happens?
Is there some command to find what subdomain his domain is pointing to?
Thanks!
Yes, URL Rewriter supports multiple processing steps, as Eok discusses in his blog entry regarding the processing chain and continuing or stopping processing: http://blogs.iis.net/eokim/archive/2008/06/05/url-rewrite-module-basic-understanding-lt-rule-gt.aspx
The web.config can handle a very large number or rewrite rules (I don't actually know how many, but it might be fun to test!).
If you've got more than say a couple dozen rules you might have a problem that could be refactored and simplified.
Related
I've noticed a large increase in the number of events logged daily that have &hash= in the URL. The requested URL is the same every time but the number that follows the &hash= is always different.
I have no idea what the purpose of the &hash= parameter is, so I'm unsure if these attempts are malicious or something else. Can anyone provide insight as to what is being attempted with the requested URL? I have copied in one from a recent log below.
https://www.movinglabor.com:443/moving-services/moving-labor/move-furniture/&du=https:/www.movinglabor.com/moving-services/moving-labor/move.../&hash=AFD3C9508211E3F234B4A265B3EF7E3F
I have been seeing the same thing in IIS on Windows Server 2012 R2. They were mostly HEAD requests. I did see a few other more obvious attack attempts from the same ip address so I'm assuming the du/hash thing is also intended to be malicious.
Here's an example of another attempt which also tries some url encoding to bypass filters:
part_id=D8DD67F9S8DF79S8D7F9D9D%5C&du=https://www.examplesite.com/page..asp%5C?part...%5C&hash=DA54E35B7D77F7137E|-|0|404_Not_Found
So you may want to look through your IIS logs to see if they are trying other things.
In the end I simply created a blocking rule for it using the Url Rewrite extension for IIS.
Asp.Net Web Forms: I need an advice about handling urls like many news site do.
Example: i've seen that some site publish an article about a soccer match and its url is something like this:
http://siteAddress/soccer/big-match-Milan-Champions-league
In an intranet scenario (that i'm used to) i would have had a table with a numeric id and my url would have been this:
http:/ipAddress/article.aspx?id=345
How can i obtain an url like that?
I know the urlrewrite concepts in asp.net.
Thank you!
ScottGu's article describes several ways to solve this problem: http://weblogs.asp.net/scottgu/archive/2007/02/26/tip-trick-url-rewriting-with-asp-net.aspx
On my site, I created an HttpModule (like his 2nd & 3rd approaches). The module calls the database to lookup the article ID that matches the given URL. If a URL is found, then the module calls Context.RewritePath to send the incoming request to the correct page.
If you do this, make sure to cache the database calls. It would be best to not call the database for every incoming request. Depending on how often you generate new content, you could pre-fetch all of the "url to article ID" mappings from your database so that you wouldn't need any database hits to rewrite the URL.
We have a web application, say mysite.com.
Now users can come and create pages like, mysite.com/page/mypage. Here 'mypage' is unique identifier for the page he/she has created. So whenever mysite.com/page/mypage url is requested, it hits our 'pagerequestservlet', which gives out requested page data.
Now what I want is, whenever user hits, mypage.mysite.com, then also we give out the same page related info (that we give out on mysite.com/page/mypage). This would mean, I need to make all my *.mysite.com requests to be handled by 'pagerequestservlet' (or a similar servlet). Then I can just parse the request URL, identify the identifier 'mypage' and return the data.
Now my question is, how to make all my *.mysite.com requests to be handled by 'pagerequestservlet'? I am using GoDaddy as my domain registrar.
You must setup your DNS to allow such wildcards, I don't know wheter GoDaddy supports this.
A servlet is "DNS-agnostic", normally it does not need to know anything about its domain name. This way it's possible to deploy the same servlet on different environments or even with different context roots (example.com/a and example.com/b).
You still have access to the domain name via ServletRequest#getServerName(). You could implement a Filter that handles the subdomain part and redirect to the correct page. But be aware - if you run in a clustered environment or behind a load balancer, this would not return mypage.example.com, but the name of the host ther servlet was deployed to.
We are working on the conversion of an ASP site to ASP.Net and are running into problems with redirects and resource locations. Our issues are coming from a peculiarity of our set-up. Our site can be accessed in two ways:
Directly by URL: http://www.mysite.com - in this case everything works fine
Via a proxy server with a URL like: http://www.proxy.com/mysite_proxy/proxy/
In #2 "mysite_proxy" is a mapping on proxy.com that directs the request behind the scenes to www.mysite.com, "proxy" is a virtual sub-website that just redirects the request to the root of www.mysite.com. It essntially is meant to give us a convenient way of knowing if a request is hitting the site from the proxy or not.
We are running into two problems with this setup:
Using Response.Redirect either with the "~" or a plain relative path (Default.aspx) generates a 302 response with a location of "/proxy/rest_of_the_path.aspx." This causes the browser to request http://www.proxy.com/proxy/rest_of_the_path.aspx which isn't anything and doesn't even hit our server so we couldn't do an after the fact re-write.
Using "~" based URLs in our pages for links, images, style-sheets, etc. creates the same kind of path: "/proxy/path_to_resources.css." We could probably solve some of these by using relative paths for all these resources though that would be a lot of work and it would do nothing to address similar resource links generated by the framework and 3rd party components.
Ideally I want to find a global fix that will make these problems transparent to the developers working on the site. I have a few ideas at this point:
Getting rid of the proxy, it is not really needed and is there for administrative and not technical reasons. Easiest to accomplish technically, the hardest to accomplish in the real world.
Hand the problem off to the group that runs the proxy and say it is their problem they need to fix it.
Use a Response filter to modify the raw html before it is sent to the client. I know this could fix my resource links, but I am not certain about the headers (need to test it out) and there would be a performance hit to having to parse every response looking for and re-writing urls.
All of these solutions have big negatives in my mind and I was hoping someone might have another idea. So any thoughts?
Aside: there are a lot of posts up already that deal with the reverse of this issue: I have a relative URL, how do I may it absolute, but I didn't come across anything that fit the bill for the other direction.
As a fix, I'd go with a small detection routine at Global.asax:Session_Start (since i imagine that the proxy doesn't actually starts another application instance), set a session variable with the correct path, and use it instead of '~'.
In the case a different application instance is used, then use Application_Start instead of Session_Start and a static Global variable instead of a Session variable.
I'm replacing an old web application with a new one, with different structure.
I can not change the virtual directory path for the new app, as I have users which have bookmarked different links to the old app.
Lets say I have a user, who has this bookmark:
http://server/webapp/oldpage.aspx?data=somedata
My new app is going to reside in the same virtual directory, replacing the old one, but it has no longer oldpage.aspx, instead it has different layout, but it still needs the parameter from the old url.
So, I have set to redirect 404 errors to redirectfrombookmark.aspx, where I decide how to process the request.
The problem is, that the only parameter I receive is "aspxerrorpath=/webapp/oldpage.aspx", but not the "data" parameter, and I need it to correctly process the request.
Any idea how I can get the full "original" url in the 404 handler?
EDIT: reading the answers, looks like I did not make the question clear enough:
The users have bookmarked many different pages (oldpage1, oldpage2, etc.) and I should handle them equally.
The parameters for each old page are almost the same, and I need a specific ones only.
I want to re-use the "old" virtual directory name for the "new" application.
The search bots, etc., are not a concern, this is internal application with dynamic content, which expires very often.
The question is - can I do this w/o creating a bunch of empty pages in my "new" application with the old names, and Request.Redirect in their OnLoad. I.e. can this be done using the 404 mechanism, or some event handling in Global.asax, etc.
For the purposes of SEO, you should never redirect on a 404 error. A 404 should be a dead-end, with some helpful information of how to locate the page you're looking for, such a site map.
You should be using a 301, moved permanently. This allows the search bots to update their index without losing the page rank assigned to the original page,
See: http://www.webconfs.com/how-to-redirect-a-webpage.php on how to code this type of response.
You could look into the UrlRewritingNet component.
You should also look into using some of the events in your Global.ascx(?extention) file to check for errors and redirect intelligently. The OnError event is what you want to work with. You will have the variables from the request at that point in time (under the HttpContext object) and you can have your code work there instead of a 404. If you go this route, be sure you redirect the 404 correctly for anything other than oldpage.aspx.
I am sorry I don't have any explicit examples or information right now, hopefully this will point you in the right direction.
POST and GET parameters are only available per request. If you already know the name of the old page (OldPage.aspx) why not just add there a custom redirect in it?