ASP file being caught by .NET isapi - asp.net

I need to serve up a few .asp pages from within my ASP.NET site.
This ASP.NET site has a handler that allows us to serve up pages out of the database instead of finding them on disk (where the .asp files are located).
The problem appears to be that the .NET isapi (C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll) is catching my request... at that point, it is going to the database and not finding the file.
My question: why is ASP.NET catching my request? I would think it should come in and use the proper extension mapping for .asp (C:\WINDOWS\system32\inetsrv\asp.dll).
Is there a way to tell ASP.NET to leave the .asp files alone?

one alternative is to set up a virtual directory which only can execute .asp and without asp.net support.

It sounds like you have a wild card script mapping in your application configuration forwarding all requests into the aspnet_isapi.dll. Is the a .asp mapping to asp.dll?

Related

How is ASP.Net Routing accomplished given there is no obvious ISAPI mapping?

So Im reading that:
If a file name extension has not been mapped to ASP.NET, ASP.NET will
not receive the request. This is important to understand for
applications that use ASP.NET authentication. For example, because
.htm files are typically not mapped to ASP.NET, ASP.NET will not
perform authentication or authorization checks on requests for .htm
files. Therefore, even if a file contains only static content, if you
want ASP.NET to check authentication, create the file using a file
name extension mapped to ASP.NET, such as .aspx.
which I understand given the obvious .htm <> ASP.net ISAPI mapping in the webserver but what about routes in a route table? I'm not mapping those in the web server so how does the web server know to forward those URLs to ASP.Net??
So there are at least two pieces to this question:
The first is if you are running in IIS in classic mode versus integrated mode. Classic mode will make things behave like IIS 6, where everything is an ISAPI filter, including ASP.NET itself. Integrated mode takes advantage of the fact that IIS 7 was rewritten from the ground-up and now uses modules instead.
Secondly, the short answer of why IIS knows how to forward a URL to ASP.NET is the Routing Module in the IIS 7+ pipeline; ISAPI filters are now part of the ISAPI Filters Module.
For a visual description of how the IIS 7+ pipeline works from a Routing/URL-Rewriting perspective, read IIS URL Rewriting and ASP.NET Routing
So the good news is if you are very much attached to the ISAPI filter approach you can use the classic mode of IIS.

Extensionless URL in ASP.NET 4.0 on IIS6

I have a ASP.NET 4.0 WebForms webapp running on a IIS6 webserver. I'm not allowed to make any changes to the webserver. I have a flex app embedded in this file called:
myapp.contoso.com/mysubapp/mysubapp.aspx
I'd like to only require the user to use the URL:
myapp.constoso.com/mysubapp
to reach the application and essentially hid the mysubapp.aspx permanently. I've been checking out URLRewrite and URLRewriting.net... It all looks to be a little much for this once instance in which I need it (if I need to add more rewrites in the future I'll use one of those frameworks). Is there a simple way to achieve this? I've checked out similar posts... it seems that I may need to write a simple one myself?
URL Rewriting using iis6 with no extensionless urls
How to deal with extensionless Url in ASP.Net and IIS6
The simplest thing I can think of is to rename your web page from mysubapp.aspx to default.aspx. This will allow users to request myapp.constoso.com/mysubapp and get your page. This should work if you have not removed default.aspx from the default document list in IIS.
Alternatively, you can add mysubapp.aspx to the list of default documents in IIS.

ASP.NET ascx.cs via GET

Say I have this url:
http://site.example/dir/
In this folder I have these files: test.ascx.cs and test.ascx
Just to be clear, I am not a .NET developer.
From a security point of view - why can't I access http://site.example/dir/test.ascx.cs and how secure is it to keep those files there?
I assume IIS filters out request that query these kind of files, but can someone explain me this?
Thank you.
You just explained it yourself. IIS won't serve those files.
When you register ASP.NET with IIS (aspnet_regiis.exe) it will add common extensions and associate them with the ASP.NET handler. As far as the .cs extension is concerned it is filtered and not served by IIS. It is absolutely safe to have these files there, but I would recommend you to use an ASP.NET application project (in contrast to ASP.NET website) which is precompiled and you don't need to deploy source code files on your server.
(source: wewill.cn)

ASP.NET - IIS Custom Mapping Extensions - How?

I am wondering how one goes about creating/rerouting my custom developed .ASPX pages on IIS 6.0 pages to something totally custom w/o the .aspx extension, say, .vato? For example, instead of my page saying: Default.aspx?ID=123, I would like users to see: Default.vato?ID=123.
What concept is? Is this doable? Where can I research more on this topic?
Yeah, read this:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/4c840252-fab7-427e-a197-7facb6649106.mspx?mfr=true
Create a new entry for your new extension and map it to the same executable as the .aspx handler.
The common one is to add a wildcard. This allows you to have URLs without extensions at all. IMO, that's much preferred because extensions make little sense on the internet.
It's not so much a .net question as it is an IIS question.
Basically, IIS looks at what extension is being requested and responds accordingly.
There is a list of all file extensions and what actions should be taken when these are requested. In terms of .net, these are .aspx, .ascx, asmx, etc. These are basically ISAPI filters.
Depending on your version of IIS. If you open IIS Manager, choose the website in question, go to Properties, then Home Directory, then Configuration, under Mappings you will see all file extensions and the application that will be called to action this request.
Therefore, if you add an entry for .vato, and point it to your version of .net, such as C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll then the .vato file will then be treated the same as a .aspx files.
In IIS (6.0) click on "Configuration" on your Web Site page and you can add mappings there. It must reference the same ASP.NET ISAPI DLL as for example the ASPX pages.
You can also add * and have all requests route to a HTTP module but that's a little more advanced and useful for the likes of REST.

Why doesn't url rewrite work?

In asp.net 3.5, I'm rewriting the url
http://www.abc.com/archive/1108/harpersdecember
to the following
http://www.abc.com/article.aspx?docId=78
I'm using this code to do it:
Context.RewritePath("/article.aspx?docId=78");
It works fine locally but when I upload to the remote web server, I get a 404 when trying to reference the above page. Any suggestions why it works locally but not remotely?
You may need to create a wildcard mapping in IIS on the remote server so that all requests are processed by ASP.Net. If you do not do this any URLs without .ASPX on the end will not run through your URL rewriting code.
There is a good explanation of this (and other reasons you might use it) on Scott Guthrie's blog.
Not "may" - you definitely need to create a wildcard mapping. Visual Studio uses the cassini web server which essentially passes all requests through .net. IIS only forwards specific mapped requests (by default .aspx, .asmx, etc..) to .net - rewriting a URL in asp.net requires adding a new mapping to get the request to asp.net in the first place
Sounds to me like the production server does not have a default aspx page, ie: default.aspx. If it did, it would reroute the request to your handler.
Easy way to verify this, would be to create a directory and place a default.aspx file in it and try to request it using only the dir name, ie: server.com/newdir/
If that gives you a 404, then you know it for sure.

Resources