I just encountered the most obscure bug ever.
this string is being pre-pended before every css/js url served from a local directory
(F(fZrx2F3_LKJzMBHxhfgtqZvrP_nz_3hbClIBtNVyCXXPiCJUbY7peFKF4WLGBlTcQSRW4Wpk19ymBr_HjdDzNNKynOxUX5Bf2De9fsIuBvZTEgA8HzzjD_LNTx9bYyKqGqyOm0vPWPCf8MyhBpWwbs38mFfzOTSl01XnTzxLYx9B4AXN_E9qgMlMAnJLWD_00))
ONLY in IE 10 here is a screenshot of the header of the page
i'm ruining on asp.net mvc 3 stack.
The weird thing is that the resources do load with this thing as a prefix
In your web.config make sure that you are not using cookieless forms authentication:
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn" timeout="2880" cookieless="UseCookies" />
</authentication>
Setting cookieless="UseCookies" ensures that cookies will be used and users won't be tracked by prepending the ticket in the url. IIRC there was a bug in some older versions of .NET where IE10 User Agent wasn't known and the framework assumes that it doesn't support cookies.
And if you are using ASP.NET Session same stands true (you should force it to use cookies):
<sessionState mode="InProc" cookieless="UseCookies" />
Related
I have a nodejs backend, site served through iis7 via reverse proxy as per this website: https://alex.domenici.net/archive/deploying-a-node-js-application-on-windows-iis-using-a-reverse-proxy. In the node app i have a middleware layer to all get requests to cache content, like so
res.set('Cache-control', public, max-age=${period})
When running on my local machine i'm checking the headers via google developer tools and it does look like caching is working properly. When I move it to production, i can't seem get it to work. On IIS i've configured the HTTP Response Headers to expire after 10 days. My web.config looks like so (again per the link above)
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
<staticContent>
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="10.00:00:00"/>
</staticContent>
</system.webServer> </configuration>
Tried various things without success. The only possible lead i have at this point is from this thread
https://social.msdn.microsoft.com/Forums/vstudio/en-US/981bf691-ed6e-460a-9e99-af24fc8bfc0e/nodejsweb-apps-output-cache-not-working-for-node-web-app?forum=opensourcedevwithazure
but i have no idea how to make the suggested change in the web.config file. A couple of notes, im currently just running my node app in the command prompt like so: node app.js, not as node bin/www as suggested in the link (having some odd issues). Also, the site is still very much in development so on ssl. Read that chrome might have some issues with it, but the problem is present in all browser tested (chrome, firefox, etc...)
I have a project created in ASP.NET, MVC 3, C#. It works in every browser when testing it on my dev machine, once published it works fine in chrome and every other browser apart from IE.
The problem - I am trying to login to my site but the web site just refreshes with the return url included in the url.
I have tried the following:
Removed helpers
Removed webMatrix
Added the following to the web.config:
<add key="enableSimpleMembership" value="false" />
<add key="autoFormsAuthentication" value="false" />
Checked my internet options settings, they are currently set to medium-low and Enable Protected mode, I have also turned this off and had no joy.
I have another web site that has been deployed to the same internal server and works fine
in IE.
Does anyone have any idea what would be causing this problem?
Here is my Web.config:
http://pastebin.com/0b5FBuTs
I am using IE9
THanks
I have a page that needs to be secured. I add [Authorize] attribute to that action method. if you are not logged in, you will be redirect to the login page everytime you visit that secure page.
it works except I rename logon action to login , but applicaiton still redirects user to logon action. its no long there, I rename it, how do I fix it?
In your Web.config file change the forms loginUrl.
<authentication mode="Forms">
<forms loginUrl="~/Controller/Action" />
</authentication>
You need to set the loginUrl in the <forms /> element in Web.config.
It seems that MVC3 has a priority handler for .cshtml and .vbhtml file extensions and tries to locate them in the default folder.
When requesting these URLs:
domain.com/test.cshtml
domain.com/test.vbhtml
MVC always looks for these specific static files in a default folder.
Regardless of the extension or the route, I want it to completely ignore the .cshtml & .vbhtml handling and just pass the full URL through like all other URLs so I can take care of the routing on my own (with Nancy).
Running MVC3+Nancy+Razor on IIS 7.5 on an Azure instance.
Add
<configuration>
<appSettings>
<add key="webPages:Enabled" value="false" />
</appSettings>
</configuration>
to your web.config. Starting with the next version of Nancy (0.10), the Razor engine will automatically add this to the web.config
I have a directory and I want to allow users which are only logged into. Also there is a web page in root directory which has several data and all visitors can see them. Web.config file:
<system.web>
<compilation debug="true"/>
<customErrors mode="Off"/>
<authentication mode="Forms">
<forms name=".Artucltd" loginUrl="loginpage.aspx"
protection="All" path="the_path" timeout="30"
cookieless="UseDeviceProfile" />
</authentication>
<authorization>
<deny users ="?" />
<allow users="*"/>
</authorization>
</system.web>
This is custom login which controls username and password from MSSQL 2008 database. Everything works fine but I have a problem which is:
When I want to open default web page (http://localhost/test), system is automatically redirect to loginpage.aspx (not to Default.aspx). But I want to see Default.aspx and navigate to other pages. Loginpage.aspx is in root folder which is not protected and I want to do it same. In protected folder, there is another Default.aspx page and other protected pages. How can I get rid of this redirection? Should I specify this protected folder as application and put another Web.config file?
Processes that I tried up-to-now:
Changed name of Default.aspx page in protected folder
in IIS, default page is Default.aspx
in Visual Studio 2010, I set default page as Default.aspx in root folder.
But no luck!
Well, I found solution: http://support.microsoft.com/kb/316871