Google's webmaster tools has started showing some very strange internal links for my site. It appears "normal", but I'm not sure what to make of it. If you use parentheses and put in a single letter, then put literally anything in parentheses after that, the link works. I did a search for any other MVC sites so I could see if they had the same behavior. Microsoft's site came up at the top of the list with an odd link as well. The search terms were "asp.net mvc site" and the first link I got was for:
http://www.asp.net/(S(d35rmemuuono1wvm1gsp2n45))/mvc
I don't like this at all. You can change the S to an A or any other letter, and then put any text you want in the next section. Anyone know how to stop it? For the life of me I can't see anything wrong with my routes. I used MVC so I wouldn't have strange url's floating around in search engines so this is pretty disappointing.
Nearest I can guess from the Google "internal links" list is that it may be a cookie. But I can't find any circumstance when I view the source on my site where I see anything but the proper relative links.
That looks like the Session ID format used when cookieless sessions are turned on (<sessionState cookieless="true" /> in Web.config). This appears to be general ASP.NET behavior, not just MVC, as I was able to reproduce this behavior with a standard 3.5 Website project in VS 2010.
It seems that ASP.NET will process values in that form as if it were a Session ID, even if you do not have cookieless sessions turned on.
It's hard to diagnose the situation without seeing your actual site configuration and logs, but if I had to guess, I'd say that the Google webmaster tools are not returning the session cookie to your site in the request, so the site is falling back to cookieless method in an attempt to maintain the session.
This is for cookieless sessions.
Since google is scanning with a bot, its using the cookieless session.
More info:
Asp.net cookieless sessionId url location
Related
First off i'll advise i'm not familiar with implementing url re writing on any level.
That said I do know there are 2 types or rewrites setup for this site.
One I can locate and is solely responsible for top level rewrites (turning .com to .co.uk)
There is another rewriter implemented somehow somewhere, very early on in a pages lifecycle and I cannot find how or where the site is doing this. It's possible it's all handled in a 3rd party DLL but I would like to know the steps I might go through to prove or disprove this.
Thanks
What does your web.config have registered in the httpModules section? Often URL Rewriters are registered very early in the request life cycle. httpModules and httpHandlers can grab the request here. This is of course assuming you've ruled out IIS redirects. After that you can look for manual redirection in the global.asax file. There are a lot of places to look when you don't know how the original coder decided to implement the idea. I've seen some bad places, including in the constructor of a common base page inherited by every page on the site.
URL rewriters are typically ISAPI filters - you can search currently applicable ISAPI filters on Web Site or Folder properties in IIS 6 (you might have ISAPI filters in right context menu), on II7, ISAPI filters in features view when you select web site or folder.
With .NET 3.5 or 4.0, its possible that ASP.NET routing might be the reason - you can locate that in web.config or global.asax (common places for putting the routes).
My word i'm so sorry after finally tracking down an original dev there is no re-writes whatsoever. The solution is complex but workable. Weird etc :). Love IT.
I have tried googling and searching for this issue on SO - but have had little success - primarily because I am not sure whether I am searching right.
I am working on an ASP.Net Web Application Project (not website) using Visual Studio 2008, C# and Cassini for testing.
However, everytime I run the site, I get a URL such as:
http://localhost:8671/(S(saifdk55xyhalrqbstrtrdiw))/SubjectClassTeacher/Default.aspx
Even if I modify the URL and try to go to:
http://localhost:8671/SubjectClassTeacher/Default.aspx
I am redirected back to this URL.
The garbage value in the center: (S(saifdk55xyhalrqbstrtrdiw)) keeps changing every few times I compile and I have no idea why it gets injected or how to disable it.
Could anyone throw any light on this issue?
Primarily, I would like to know why this happens and how do I disable this.
Because this happens when I deploy the website on IIS as well.
Any help is appreciated.
Thank you.
This is a clever feature in ASP.NET* called cookieless sessions. It works by injecting your session ID into every URL, so ASP.NET can tell the difference between user A who visits a page, and user B who visits the same page. Normally this is accomplished with cookies, but this approach removes the dependency on the end-user having them enabled.
From MSDN:
...you don't have to change anything in your ASP.NET application to enable cookieless sessions, except the following configuration setting.
<sessionState cookieless="true" />
*The concept is not exclusive to ASP.NET, but it is baked into ASP.NET and - as you've discovered - can be turned on with no particular effort on the part of the developer.
Our customer has a requirement to extend the functionality of their existing large government project. It is an ASP.NET 3.5 (recently upgraded from 2.0) project.
The existing solution is quite a behemoth that is almost unmaintainable so they have decided that they want to provide the new functionality by hosting it on another website that is shown within the existing website.
As to how this is best to be done I'm not quite sure right now and if there is any security issues preventing it or that need to be considered.
Essentially the user would log on to the existing web site as normal and when cliicking on a certain link the page would load as normal with some kind of frame or control that has within it the contents of the page from the other site. IE. They do not want to simply redirect to the other site they want to show it embedded within the current one such that the existing menus etc are still available.
I believe if information needed to be passed to the embedded page it would be done using query strings as I'm not sure if there is even another way to accomplish this.
Can anyone give me some pointers on where to start at looking to implement this or any potential pitfalls I should be aware of.
Thanks
if the 2 sites are hosted from the same network (low latency between them) you could use state server for session management. that way, when you authenticate on one site, you will also be authenticated on the other, and share user state across them.
its pretty simple, in your web config of each web server you'd point to the state server (which could be located on one of the web servers)
<configuration>
<system.web>
<sessionState mode="StateServer"
stateConnectionString="192.168.1.103:42424"
/>
</system.web>
</configuration>
http://en.csharp-online.net/ASP.NET_State_Management%E2%80%94Storing_Session_State_out_of_Process
create a virtual directory under the primary domain. If your domain is www.mydomain.com then create a virtual directory www.mydomain.com/site and port the new website application under /site virtual directory. This was linking should become very much relavant. With this the virtual-directory application will also retain all domain cookies set by primary domain.
I would suggest to make the second website look exactly like the first one or at least use the same MasterPage, so you can redirect from one site to another without any visual difference.
If your site needs authentication, consider that you would need to do something to prevent the user to log in twice, an option could be to send an encrypted token to the second site.
All of this if you are forced to have a second site, if not just use a virtual directory
You could use something like UFrame. I've used it a couple of times and seems to do quite a good job with it...
"goodness of UpdatePanel and IFRAME combined"
http://www.codeproject.com/KB/aspnet/uframe.aspx
I would use an iFrame to embed that website in within your existing application. Just set the "src" attribute and pass in any query string parameters the other site needs to render correctly.
You can still pass in sensitive data in the query string, however it would make sure to encrypt it before sending it in.
I know it is not the most elegant solution, but it gets the job done. And from the description of the existing app, it doesn't seem like your customer cares for "elegance" :)
Hope this helps
When clicking the save button on a asp.net web form page, I get the following immediately:
The specified URL cannot be found
This does not happen when I try this using a browser on the web server.
Has anyone run across this problem before? Is this some kind of security issue?
More information. I tried a test page that included all of the form fields and a button that didn't do anything but write to a log4net log. Same problem on the button click. This is just weird.
Found the solution to this!!! Turns out the firewall was blocking request that had more then 40 parameters in the query string.
Could you provide a bit more information?
This could be caused by a lot of things:
Is IIS configured properly for the site? Authentication, host header settings?
Did you try http://localhost/.. on the webserver or did you use the webserver's host name?
Are you redirecting the user? What are you doing in the button event?
Are you using URL routing? Or a handler that might be causing problems?
What version of the .NET framework are you running? 1.1 / 2.0 / higher?
Does the page include javascript that could cause unexpected results?
Checked for crazy stuff in your web.config?
Sometimes it's a good idea to take a step back and create a new ASPX page and test if that one works. Start from a predictable scenario and move towards your current scenario in baby steps.
I have a large-ish web project which is migrating from classic ASP to ASP.NET (about time), and would like to redirect requests from the old addresses, such as:
/some/path/old-page.asp?foo=bar
to the new addresses:
/other/path/new-page.aspx?qaz=bak
For a fairly long time, there will be classic ASP pages running in parallel with ASP.NET pages, with individual pages being replaced by their ASP.NET versions over time. Where possible, I want to redirect from the old pages to the new ones to keep users from receiving 404 errors, and also to keep the accumulated PageRank on the pages.
My question is, how would you do the redirection logic from the classic ASP to the new templates? The obvious solution is to replace old-page.asp with some simple VBScript that redirects to new-page.aspx, but in the long run I want to get rid of the old .asp files, so I would like to implement the redirection in such a way that they will exist also after the site is completely running in .NET.
One option would be to map the .asp extension to ASP.NET, and implement the redirection as an HttpHandler, but I guess there is no way of making the classic ASP engine run after the request has been passed to ASP.NET.
A couple of years ago, I ran into the very same issue at an eCommerce company where we upgraded their website to .NET. The main issue is that we had no idea how many customers had the old asp pages in their favorites, as well as the issue of SEO. Yes you can map the asp extension to ASP.net, but you lose the ability to run the asp files at all, so that would require that you update ALL asp pages, which may not be feasible.
The best solution I found at the time was to implement an ISAPI redirection filter in IIS. This is an app that is run by IIS BEFORE, the asp or asp.net runtimes. It would make a decision based on the url or any rules you want, whether it should allow the asp files to run or whether they should be redirected, or use url-rewriting to handle the request. It is not always a clean operation, since it runs before your website's request do, and confusion can happen later if other developers don't know it is running. So make sure if you go this route, that your website has plenty of comments or documentation to let developers know there is this thing in IIS running...
There is a good explanation of how to implement this in Code Project. Go here and check it out. http://www.codeproject.com/KB/ISAPI/isapiredirector.aspx
Good Luck!
You should use the "HTTP 301 - Permanently Moved" response code, as this is precisely what it is designed for.
http://en.wikipedia.org/wiki/HTTP_301
An ISAPI redirection filter will work in the sense that, yes, it will redirect visitors to the new URL.
However there are three key problems with the ISAPI redirection strategy.
More code to write/maintain
Bookmarks and search engine entries will never be updated with the new and correct URLs
If foo.asp is transparently redirected to bar.aspx and both are indexed by Google, you'll have two duplicate URLs to the same content in Google. This clogs up search results and is actually against their TOS I believe.