IIS : Exception from HRESULT: 0xC00CEF03 - windows

I have my website hosted on IIS with window 2016 OS. When I am going to disable the Form Authentication under IIS, it is giving me the following error.
Form Authentication.
Exception from HRESULT: 0xC00CEF03

i had a similar issue but it occurred when i was trying to disable the 'Machine key' - 'automatically generate at runtime' and then Applying the same.
For your error, please verify if the authentication is enabled/disabled for Default Web-site. Change that setting and then try disabling you specific websites status. It should ideally work.

I've seen this error stem from three different controls on the authentication method:
If configuring the authentication method on an application, and the authentication method you're trying to disable is enabled on the containing site.
If configuring the authentication method on a site, and the authentication method you're trying to disable is enabled on the Default Web Site.
If configuring the authentication method that has been defined in a web.config file. You should adjust it in the config file.

0xC00CEF03 error code translates to WR_E_NSPREFIXWITHEMPTYNSURI which refers to “Writer: cannot use prefix with empty namespace URI” (Reference).
This error occurs when there is something wrong with the web.config file. It’s probably corrupted or there are incompatible tags and parameters. As a result of this corruption and incompatibility, IIS is not able to read this file. Therefore, it can’t make a change.
The issue mostly happens after migration because a piece of configuration that works in the older version of IIS (and .NET Framework) probably became unsupported in the newer version.
The shortest way of finding what part of the web.config is causing the issue is to remove sections one by one and test. High-level steps:
Remove a section from the bottom of the file (Let’s say you removed system.serviceModel section)
If the issue goes away, add the section back and start removing the subsections of it one by one. (For example, ws2007HttpBinding subsection in system.serviceModel section)
If the issue goes away again, bring the subsection back and go through each lines. Prefixes like wsid:, asm:, and trust: are the most common causes of this issue
Source: 0xC00CEF03 error (Cannot use prefix with empty namespace URI)

Related

Tool to validate a web.config

Is there a tool that I can use to validate my web.config? The reason I ask is that the file appears to be valid XML and IIS is complaining that file is invalid. No explanation or indication as to why.
Thanks in advance.
Edit:
HTTP Error 500.19 - Internal Server Error
The requested page cannot be accessed because the related configuration data for the page is invalid.
Detailed Error Information:
Module IIS Web Core
Notification Unknown
Handler Not yet determined
Error Code 0x8007000d
Config Error
Config File \?\C:\DignityFiles\Source\simplicity\Simplicity\web.config
Requested URL http://simplicity-local.dignitytest.co.uk:80/
Physical Path
Logon Method Not yet determined
Logon User Not yet determined
Config Source:
-1:
0:
More Information:
This error occurs when there is a problem reading the configuration file for the Web server or Web application. In some cases, the event logs may contain more information about what caused this error.
View more information » [This takes you to "https://support.microsoft.com/en-gb/help/942055/-http-error-500-19-error-when-you-open-an-iis-7-0-webpage"]
Link to the web.config (Note: sensitive information has been redacted)
I have (eventually) found the answer: https://stackoverflow.com/a/41267673
Installing the URL rewrite module fixed my issue.
This answer addressses the immediate concern, but if you are looking for a general solution in powershell I have created a function that addresses this.
The full answer is here: how do i validate an IIS web.config in powershell
But the gist of it is you have to find all the "filters" and test each of them individually via Get-WebConfiguration

Web API 404 File or Directory not Found for "root" routes

I am developing a RESTful web api service. It's web api v.1, not v.2. Also I am developing on Visual Studio 2010 SP1. I have installed the MVC 4 for VS2010 SP1.
Please understand and keep in mind that Upgrading to newer versions of VS or Web Api 2 is not an option.
I have the following problem after a Windows Update ocurred.
When I try to use my RESTful api this way....
http://url.com/documents/ (get all the documents) I get the following error...
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Here is the stack trace.
[HttpException]: File does not exist. at System.Web.StaticFileHandler.GetFileInfo(String virtualPathWithPathInfo, String physicalPath, HttpResponse response) at System.Web.StaticFileHandler.ProcessRequestInternal(HttpContext context, String overrideVirtualPath) at System.Web.DefaultHttpHandler.BeginProcessRequest(HttpContext context, AsyncCallback callback, Object state) at system.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
If I specify the action name directly, it works. For example...
http://url.com/documents/get (gets all the documents) or
http://url.com/documents/7 (gets document id=7.
It only fails when you call it by its default name. I have already read similar situations here and I have tried to follow their solutions but they are not working for me properly.
Now, I know this is not a "web api routing" issue because I actually get the .net default exception page html markup (I am using Postman to test my webservice). When I force a "routing issue", then I get a JSON error description, which means that the Controller actually got created in the pipeline and returned a response.
Also, I have a custom file (SecurityHandler) that inherits from DelegatingHandler. This file gets executed almost first in the pipeline with each call to the api. Even before the actual Controller. Well, this file is never called when I get the error, which confirms to me that the "webserver" (either VS Development Server or IIS 7) is the one throwing the exception.
I have exhausted every single solution that I have found here. Change my web.config to multiple handlers configurations, re-installed MVC 4 for VS2010, created an entire new project... all these efforts have shown no results whatsoever.
Like I said, this was working perfectly fine until my pc restarted from a Windows Update BUT... why does it fail in the server as well? I did deploy my api to the server after the error started to occur.
Thanks.
The issue is not in Web API (and has nothing to do with it's version or Visual Studio 2010), it's the static file handler trying to serve and failing.
Alternatives:
0. Do you have a documents folder in your site? Get rid of it.
1. Remove the static file handler for directory browsing and re-add it.
2. Use RAMMFAR (less recommended)

500 error when integrating multiple apps in one code base

I'm trying to set up an MVC application that will service several facebook applications for various clients. With help from Prabir's blog post I was able to set this up with v5.2.1 and it is working well, with one exception.
At first, I had only set up two "clients", one called DemoStore and the first client, ClientA. The application determines what client content and facebook settings to use based on the url. example canvasUrl: http://my_domain.com/client_name/
This works for ClientA, but for some reason when I try any DemoStore routes I get a 500 error. The error page points to an issue with the web.config.
Config Error:
Cannot add duplicate collection entry of type 'add' with unique key attribute 'name' set to 'facebookredirect.axd'
I am able to add additional clients with no problem, and changing DemoStore to something like "demo" while using the same facebook application settings works fine also.
Working calls:
http:// localhost:2888/ClientA/
http:// localhost:2888/ClientB/
http:// localhost:2888/Demo/
Failing call:
http:// localhost:2888/DemoStore/
I was thinking this might be an MVC issue, but the Config Error points to the facebookredirect handler. Why would the SDK try to add this value to the config during runtime, and only for this specific client?
Any insight would be greatly appreciated.
I managed to figure out what went wrong here. Silly mistake..
After I had set up the application routes to require the client_name I changed the Project Url in the project properties to point to demostore by default. When I hit ctrl+S a dialog popped up that I promptly entered through without reading.
When I changed the Project Url, IIS Express created a new virtual directory for the project. This was the source of my problem. Why? I'm not sure, but once I removed the second site from my applicationhost.config I was able to access the DemoStore routes.
Moral of the story: read the VS dialog messages!

Mapping *.MVC to aspnet_isapi.dll on IIS7

We have a .net 3.5 application (MVC and WebForms mixed) that was hosted on IIS6. In order to make it work on IIS6 we had to add custom mappings to IIS such that *.MVC would map to aspnet_isapi.dll.
So our URL's would end up looking like this:
<host>\someController.mvc\action
But now that were setting this web app up on IIS7, with classic mode pooling, were trying to do the same thing so that we don't have to change anything about the application.
But after adding the *.MVC Handler mapping in IIS7 it still does not seem to be picking it up. Every time we navigate to our MVC pages, we get 404 errors. However, our .aspx pages load fine.
On closer inspection the Failed Request Tracing keeps complaining about the following
ModuleName="IIS Web Core", Notification="MAP_REQUEST_HANDLER", HttpStatus="404", HttpReason="Not Found", HttpSubStatus="0", ErrorCode="The system cannot find the file specified.
(0x80070002)", ConfigExceptionInfo=""
I'm running in circles. We were able to set this up on another IIS7 machine yet this one were trying to set it up on just refuses to work. I really don't know what I'm missing. Its like the mapping rule is not triggering at all. Because the same error occurs if we just type in random things for the file name in the URL.
I just dealt with this, and what really did it for me was getting rid of the entire MvcHttpHandler (remove it from your
<system.webServer>/<handlers>
configuration tag).
MSDN states that this handler is only useful when the UrlRoutingModule is not enabled for all requests (which in IIS7+ we can), hence why it's useful for IIS6 (and also why we need the *.mvc extension to route properly).
So just remove the MvcHttpHandler reference in your handlers, and make sure you:
Have the application running in an app pool with Integrated Mode (not Classic)
You have the runAllManagedModulesForAllRequests modules attribute set to "true"
<modules runAllManagedModulesForAllRequests="true">
If you are still getting 404's then it's either your MVC doing it (which really sidetracked me :S) another reason.

Team test: Failing load. Request failed: The server committed a protocol violation. Section=ResponseHeader Detail=CR must be followed by LF

The folk in the QA department use visual studio team test (2008 IIRC) to run load tests against our web application.
The latest set of tests have failed on several pages. The error reported is
Request failed: The server committed a protocol violation. Section=ResponseHeader Detail=CR must be followed by LF
Searching for this using google yields quite a few results. it would appear that this error message is generated from the .Net framework WebRequest class (i.e. it is not a visual studio specific message). The most useful result is this one, which details my exact problem and how to suppress the error.
But of course, I want to get to the bottom of why this error occurs in the first place. Here are some more facts: -
This error never used to occur when the tests were run against an older version of the web app. The web app. host OS and web server (Win 2003 and IIS 6) are identical in both cases.
Not all the pages generate this error - only some.
The only significant change to these pages (that I can think of) is that they now use some AJAX whereas before they did not (IIRC)
In order to narrow down the problem, I created the simplest page that I could to replicate the problem. Luckily, that was not too hard. I then inspected the bytes in the header using Fiddler but I could not find an occurrence of a CR (0x0D) that was not followed by a LF (0x0A).
The raw HTTP response (as stored from Fiddler by response saving bytes - so its encoding should not have been altered during the save) is here as text if you don't believe me!
So now I am left thinking that the supposed error might be a false alarm. Does anyone else have experience of this/can help shed light?
This is definitely not a false alarm - I've been getting this error in my app a lot while trying to communicate with Facebook API.
I've just stumbled upon this response from Steven Cheng - http://www.velocityreviews.com/forums/t302174-why-do-i-get-the-server-committed-a-protocol-violation.html - and let me quote him:
From your description, you're using
the HttpWebRequest component to send
some http request to some external web
resource in your ASP.NET web
application. However, you're always
getting the "The server committed a
protocol violation.
Section=ResponseStatusLine" error
unless you set the following section
in the web.config file:
<system.net>
<settings>
<httpWebRequest useUnsafeHeaderParsing="true" />
</settings>
</system.net>
And you're wondering the cause of this behavior, correct?
As for this issue, I've performed some
research on this and found that the
problem is actually caused by the
critical http header
parsing/validating of the
HttpWebRequest component. According to
the Http Specification(http1.1), the
HTTP header keys shoud specifically
not include any spaces in their names.
However, some web servers do not fully
respect standards they're meant to.
Applications running on the Dotnet
framework and making heavy use of http
requests usually use the
httpWebRequest class, which
encapsulates everything a web oriented
developer could dream of. With all the
recently issues related to security,
the "httpWebRequest" class provides a
self protection mechanism preventing
it to accept HTTP answers which not
fully qualify to the specifications.
The common case is having a space in
the "content-length" header key. The
server actually returns a "content
length" key, which, assuming no spaces
are allowed, is considered as an
attack vector (HTTP response split
attack), thus, triggering a "HTTP
protocol violation error" exception.
Will try if this helps right now and post results later

Resources