My website is HTTPS and I use a redirect module to change any requests for a HTTP page into an HTTPS page. This works nicely using this...
http://www.codeproject.com/KB/aspnet/WebPageSecurity.aspx
However, the page also gets various script resources as part of the ASP.Net AJAX and Telerik controls e.g.
http://www.mywebsite.co.uk/ScriptResource.axd?d=RZJPznutyCmbbBAHSbKedj3kgUyiK7uBICOoB7IdFt8MWVJ-D-TxNWt-mdkCrv5HGSAToaV2udumFlE1EKBiow2&t=7dbf7a27
As the majority of my site uses HTTPS and then a few GET requests to form the page use HTTP IE8 does not like this at all and prompts the user to only show the content received via HTTPS. If the user does this then the ASP.Net AJAX javascript files are not loaded into the browser and chaos occurs!
Is there a way I can tell ASP.Net or IIS to serve all requests via ScriptResource.axd as HTTPS? I saw on a forum someone saying they had used a handler to do this but no example code was supplied.
Would be really greatful for a pointer in the right direction.
Thanks.
Related
I am getting a weird error on my asp.net web form page. I have a legacy page built up with full functionality. It has got several data controls on the page. After performing required operations when I click on submit button, internet explorer goes blank. It says page can't be displayed.
My code is old enough, so it actually works on few production sites. But recently I have deployed on a new production site. If I browse the same page using internal URL and perform same operation, it does not show any error message and everything works smoothly.
To give a background for the issue, when I click on submit button it calls web service on backend and comes back with web services result. Once it gets results back, it uses response.redirect() to same page (by creating url - Request.Url.AbsolutePath)with some additional parameters in querystring. If I refresh page then it shows same page correctly.
Page in IE -
Page in chrome -
Issue was not in code, but as I expected in production setup configuration. In production configuration a public URL something like www.test.com was redirected to www.test.com:7500. So when user was request website URL, it was being redirected to 7500 port on which application was hosted. It worked great until, response.redirect performed in asp.net code. When response.redirect performed in ASP.NET, in Request.Url.AbsolutePath server got URL as www.test.com:7500. So it tried to redirect it to 7500. But this redirection was set at public URL. When internally it tried to do the same it was not working.
I went with quick fix approach to fix this issue. I removed request redirection on public URL and set my site on port 80. This fixed my issue.
With out seeing the code it could be a number of things.
But as a guess I think that there maybe some url rewriting going on and then when the page posts back to its self it is not posting back to the rewritten page but to the underlining page.
You can try setting the form action to the rewritten page in the code behind.
form.action = "myrewrittenurl.com/path";
You can also try setting the form action to
<form action='#'
Which can work with some rewriters.
I'm using Akamai Edge Server to serve up all my web content except for html and aspx pages. The issue I am having is with a language switcher that does a post back to the same page and then based on the language does a response.redirect to the same page in the other language folder.
The steps that happen are:
go to page /en/default.aspx
select a different language such as fr.
The aspx code on that page calls a header user control which will then redirect to the proper language page
It fails on the postback to the control and I get an access denied on /en/default.aspx which is an akamai page not on my webserver.
If I access my dotnet server directly you'll see that the page will do a postback to itself /en/default.aspx then a response.redirect to /fr/default.aspx
Ok I figured it out that akamai edge server doesn't allow posts by default and you have to enable it. Im new to using akamai in this way didn't think it would deny such a common thing.
I have a DotNetNuke website set up with Enable SSL and Enforce SSL to allow us to have both insecure pages and secure pages such as the shopping cart.
However, I have an independent ASPX page (a PayPal IPN listener) that I want to be able to access through https://
At the moment, when a request is made to the IPN listener through SSL an HTML page containing javascript redirection code is served up to redirect to http://. Since PayPal's request doesn't respond to javascript redirects, the correct page is never requested.
Is it possible to enable SSL for this file?
EDIT: Added information about javascript redirect. Also, I have tried creating a virtual directory, but that does not allow me to use DNN application code in my aspx file.
What version of DNN? As technically I didn't think redirects should be impacting actual physical .aspx pages.
However, regardless you could put that file inside of a separate folder, then make it a virtual directory and that should block DNN's processing of the request.
You can do two simple things to overcome this:
Make sure your page is inherited from DotNetNuke.Framework.PageBase
In the aspx page, implement a PreRender method that will check request protocol and set response code to 301
Let me know if you need more help
-- Updated --
Locate at siteUrls.config in root and try adding following before </Rules></RewriterConfig>:
<RewriterRule>
<LookFor>.*PageName.aspx(.*)
<SendTo>~/PageName.aspx$1
</RewriterRule>
My setup: ASP.NET 4.0 Web Site running on IIS 6.0.
I have a site with many landing pages with virtual URLs, all being served by a single physical landingpage.aspx file (via ASP.NET 4.0 Routing), in which I use the OutputCache directive, caching the page on the server for 24 hours.
Recently, I started to experience a problem that the __doPostBack JavaScript block was missing from some of the generated pages. There is a LinkButton in the page (inside a webusercontrol), so the JS block should be there, but sometimes it isn't. This is naturally leading to JS errors in the browser upon clicking the LinkButton.
My suspicion is that maybe on the first visit to a given URL handled by the above mentioned physical .aspx file it might have been a visit by a client (a browser or a search bot) which maybe was considered by ASP.NET as a down-level browser, and therefore the doPostBack was not output into the generated cached version of the page, and then this wrong cached version is served to all the subsequent visitors...? On the other hand, I'd say ASP.NET is smart enough to generate different cached version for different levels of browsers, isn't it?
Nevertheless, my question is: can I find the cached files that are served to the visitors somewhere on the server, and somehow check if my assumptions are correct? Also, I would like to disable this ASP.NET recognition of browsers altogether and serve the same content to every browser, just as it would serve to any modern browser.
Thanks a lot for any advice and help.
Answering my own question: Confirmed that the website was sending back HTML without __doPostBack() for unrecognized browsers. Adding ClientTarget="uplevel" to the # Page directive at the top of the .aspx page in question solved the problem and __doPostBack() block is now always present.
Ok, wierd problem I cant figure out. Hopefully someone where can. I have inherited a site that was developed with a very over-architected Content Management System. I am having problems now with the redirection functionality built into it.
This is on a dedicated Windows 2003 server running ASP.NET 3.5 sp 1. The redirects are stored in the database, and I have confirmed that the correct redirect is in place in the database. Finally, the file extension .html has been mapped in IIS to the ASP.NET ISAPI. And there is an HttpHandler created to redirect the .html requests. The default documents on the server, in order, are:
default.aspx
index.aspx
default.asp
index.asp
default.html
index.html
for this example, we have two redirects both pointing to the same content page. /example and /example.html
when requesting /example.html it correctly finds the appropriate redirect in the database and does its magic. Bueno. When requesting /example it gives a 404 page. Its not even the asp.net yellowish 404 generic error page. Its the standard vanilla IIS 404 response so it appears that asp.net is not intercepting these requests.
Let me know if any other information is requested and I will try to provide what I can. Thanks in advance for all the great recommendation I am sure will come from the community.
You should be able to map a wildcard extension to go through the ASP.Net ISAPI DLL is the solution.
Installing Wildcard Application Mappings (IIS 6.0) may also be useful.
Without rewriting the CMS, you can put a physical file in a new directory "/example". This will trigger ASP.NET to intercept the request, and hopefully load your page.
If you want to really hack it up you can change the IIS 404 page to be a .NET page in your application that can handle the original request and redirect to the page you really want.
Yes this is correct because /example is not pointing to any file, it is pointing to directory in the web server. Check that Default.aspx/ default.html or any other atleast one of them exists in your app.
If you are using ASP.Net MVC for REST then check your actions are properly written.