Using path extensions for http handlers in IIS 8.5 - url-rewriting

I ran into a weird issue when migrating a site on to a new web server.
I have some custom handlers written and defined in my web.config:
<add name="CalendarHandler" verb="*" path="/api/Calendar" type="CalendarHandler" />
If I do not put a file extension on the path like "/api/Calendar.css" the response that comes back is a redirect loop. If I put any extension on the path it will return the correct response. Removing the extension causes a re-direct error.
The path="/api/Calendar" works just fine the old server. I have moved the site from IIS 7.5 WIN 2008 R2 to IIS 8.5 WIN 2012. I am not sure what setting I am missing in IIS. I have made sure all the handler mappings are the same and I have tried installing URL Rewrite. No luck.

I changed the path to
<add name="CalendarHandler" verb="*" path="/api/Calendar/" type="CalendarHandler" />
and it worked. For some reason IIS 8.5 did not like 'path="/api/Calendar"' the missing '/' caused the redirect loop.

Related

IIS Bad Request for the site configured with url-rewrite with ARR

I have website created under IIS 8.0 in Windows 2012. An URL rewrite with ARR has created under this site which points to a linux machine (Basically to a webservice deployed in Tomcat) and through IIS there will be "GET" request where the URL is exceeding more than 5000 characters along with query string. When the URL is hit through program or in browser, I see IIS throws "Bad Request" with Status code as 400 and no Substatus code. The same works when it is directly hit to the webservice (for tomcat Linux). I suspected the issue is because of the excess characters in the url, because when I try decreasing the url length to 3500 characters which works without any error. Below are the configuration and settings that I have tried in IIS web.config and as well as http.sys registry, but nothing seems to be work.
<configuration>
<system.webServer>
<security>
<requestFiltering allowDoubleEscaping="true">
<requestLimits maxAllowedContentLength="4294967295" maxUrl="10999" maxQueryString="2097151">
<headerLimits>
<add header="Content-Type" sizeLimit="100000000" />
</headerLimits>
</requestLimits>
</requestFiltering>
</security>
<urlCompression doDynamicCompression="false" />
</system.webServer>
<system.web>
<httpRuntime maxRequestLength="8192" maxUrlLength="8192" maxQueryStringLength="8192" requestPathInvalidCharacters="" />
</system.web>
</configuration>
http.sys Registry Settings
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\MaxFieldLength - DWORD - 65534
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\MaxRequestBytes - DWORD - 16777216
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\UrlSegmentMaxCount - DWORD - 16383
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\UrlSegmentMaxLength - DWORD - 32766
I have rebooted the Windows server after every above settings and configurations was done.
These settings and configuration are honored by IIS without url rewrite. If I try other url with length of 5000 characters for the same website its works without any error. This is appearing only for the url that has fallen under URL rewrite config. Is there any specific configurations that need to be done with respect to URL length in ARR apart from the above mentioned? Please suggest and help.
Thanks in Advance.
Answering to my question.
The issue was on the Linux Tomcat side not on IIS, the catalina.out logs was stated as below
INFO: Error parsing HTTP request header
Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.
java.lang.IllegalArgumentException: Request header is too large
I added the configuration of maxHttpHeaderSize="65536" in server.xml of tomcat/conf. After modifying this, the issue was resolved.

How to allow a DELETE method with IIS Express and Web API?

I am trying to send a delete request to my Web API service via Fiddler and am getting back a 405 "Method not allowed" error.
I have read extensively about removing the "WebDAV" module in web.config and similar suggestions (WebDAV is not enabled in my applicationhost.config anyway), but nothing I have tried has worked.
My service is currently running on IIS Express 10 (launching from Visual Studio). I do have this in my web.config file:
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler"
preCondition="integratedMode,runtimeVersionv4.0"/>
I would have thought the verb="*" piece would have allowed DELETE, but it does not seem to work.
One other note - when I inspect the response in Fiddler, under the Security heading it says: Allow: GET, POST.
I am not sure where that "Allow" parameter is being set (I am new to Web API).
Any help would be greatly appreciated. Please let me know what other information you need from me and I will add it.
Thank you!
Just reproduced this by creating a new webapi project [targeting .net framework 4.7.1]
Through Fiddler, I can hit the DELETE endpoint without any changes to web.config.
Please make sure to use correct endpoint including the id parameter.
e.g http:localhost:xxxx/api/values/id // please include the id and xxxx is port number.
If http:localhost:xxxx/api/values is used without id , I get the same result 405 Method Not Allowed
Hope this helps.
You can modify the IIS Express applicationHost.config in the %userprofile%\documents\IISExpress\config folder.  To enable PUT and DELETE for extensionless Urls scroll down to the bottom of the IIS Express applicationHost.config file and look for a handler entry that starts with: <add name="ExtensionlessUrl-Integrated-4.0".... In the "verb" attribute add PUT and DELETE so the "verb" attribute looks like:  verb="GET,HEAD,POST,DEBUG,PUT,DELETE"
Update your web config like this
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule"/> <!-- ADD THIS -->
</modules>

elfinder with MVC 3 and IIS 7

Im trying to use elfinder in my MVC 3 application and using this .NET connector
: http://elfinderconnectornet.codeplex.com/ for elfinder. And this connector works with http handler configured in section in WebConfig. For example:
for url like :
192.168.0.17:9002/elfinder.connector?_=1347370006351&cmd=open&target=&init=true&tree=......
i have a handler in web config
<system.web>
<httpHandlers>
<add verb="*" path="elfinder.connector" type="ElFinder.Connector.Connector" />
</httpHandlers>
</system.web>
and in global.asax.cs routes.IgnoreRoute("elfinder.connector");to ignore this url in "Controller/Action" routing.
When im running this code in VisualStudio localhost all works fine but on IIS 7 i have an 404 error.
May be IIS have custom config for httphandlers? some checkbox need to be checked :)
Any idea?
I received the same error because I didn't have read permissions on the directory. You must give, at least, read permission to see the folders and files.
Hope it helps. Regards.

Custom Image Handler

I've got a custom image handler (.ashx) which extends IHttpHandler. Basically all it does is fetch some images from a database and make them a thumbnail if requested.
This works fine on my local machine, but when I deploy it to my IIS 6 web server my images don't display.
My question is - can anyone tell me what the procedure is for setting up a handler like this in IIS 6?
Update
The paths to my image (that don't display) look like this:
http://xxx.xx.xxx.xxx/Helpers/ImageHandler.ashx?imageid=7&thumbnail=1
I've added this to my web.config file, but still no luck:
<httpHandlers> <add verb="*.png" path="MyWeb.Helpers.ImageHandler" type="MyWeb.Helpers.ImageHandler, MyWeb"/> </httpHandlers>
Thanks.
You need configure IIS6 to map the mime types to be parsed by .NET, so that they can be called by your handler; there is more on this here.
EDIT
Also try adding this to your web.config;
<add verb="*" path="*.png" type="MyWeb.Helpers.ImageHandler, MyWeb.Helpers"/>
Hope this helps,
Matt

IIS 7.5 not taking notice of customErrors for 404 returned by MVC 3 app

I'm running my MVC 3 app (recently updated from 2) on IIS 7.5 (Win 7 64bit) with a .NET 4.0 integrated pipeline app pool and have the following set-up in web.config:
<customErrors mode="On" defaultRedirect="~/Problem/Oops" redirectMode="ResponseRedirect">
<error statusCode="404" redirect="~/Problem/NotFound" />
</customErrors>
If an action method on a controller throws an exception the server and hence generates a 500 errorcode it correctly sends the browser to the default redirect URL.
However if my action deliberately returns a HttpNotFoundResult via HttpNotFound() I get the IIS 7.5 404.0 error page and not the one indicated in my web.config.
If I enter a URL that doesn't exist on my app like http://localhost/MyApp/FOO then I do get shown the page as indicated by the web.config.
Anybody have any ideas why I'm not getting redirected to my custom 404 error page when using HttpNotFound()?
Please try below syntax instead of calling HttpNotFound and let me know the result ;)
throw new HttpException(404, "NotFound");
Have you tried setting Response.TrySkipIisCustomErrors = true;?
(see http://blog.janjonas.net/2011-04-13/asp_net-prevent-iis_75_overriding-custom-error-page-iis-default-error-page)

Resources