Background
I have an ASP.Net Core v2.0 web application that has the [HttpGet] attribute above action results that don't need to accept a post.
I created a spreadsheet with a list of pages on the website to my marketing team, along with a column of hyperlinks that link directly to each page on the website.
Example Spreadsheet:
Issue
Once the marketing team started clicking on the links in the spreadsheet, I started to receive 404 errors via email (configured using NLog) although the page did still load for the user.
Troubleshooting
I troubleshooted this and uncovered that the issue was down to the [HttpGet] attribute. If I take the [HttpGet] attribute out, clicking on the links in the spreadsheet doesn't generate a 404 error.
The site doesn't generate 404 errors when loading the page (s) via the browser.
I installed fiddler and it looks as though Excel is using the "CONNECT" method.
Fiddler screenshot:
I thought this could be the issue as it's not a GET but when I access a page within Chrome, it also shows using the "CONNECT" method in fiddler.
I'm looking to see if anyone else has had this issue and if they got around it? Do I need to add another attribute alongside [HTTPGet] to stop Excel or other 3rd party software causing a 404?
I've resolved my own issue.
For anyone else that has this issue the fix is to put [HttpGet, HttpHead] as the attribute. If you have a custom route then add another attribute underneath:
[Route("[controller]/custom-action")].
For info, I got to the bottom of this by using the logs from the drop down ASP.Net Core Web Server in the output window in Visual Studio. I could see that when the link was first being requested by Excel, it was using the HEAD method rather than the GET which is why a 404 error was being fired.
Hope that helps someone down the line.
Related
I am trying to create a setup where a user can
signup & sign in directly from the combined signup&Signin page
Signup&signin from the invitation link.
Point one is working perfectly fine using the following files
BaseFile
ExtensionFile
RPFile
For point 2 I have created
SignupinviteRPFile
Now, when I click on the invitation URL which is in the following format
https://mytenant.b2clogin.com/mytenant.onmicrosoft.com/B2C_1A_signup_invitation/oauth2/v2.0/authorize?client_id={clientID}&nonce=ca00379642b94aa693a80b66783aa010&redirect_uri=https%3A%2F%2Fmytenant-dev.azurewebsites.net%2Fsignup%2Fuser-invite&scope=openid&response_type=id_token&id_token_hint={SignedJWTToken}
I do get the signup page with readonly emailID. But once I fill all the information and click "Create" it gives me
Following issue:
Sorry, but we're having trouble signing you in.
We track these errors automatically, but if the problem persists feel free to contact us. In the meantime, please try again.
Correlation ID: 3a9f35e6-51e1-40b7-9ee9-d9c8081ff8d6
Timestamp: 2021-02-03 11:07:20Z
AADB2C: An exception has occurred.
Observations:
The account gets created in the local AD and I can see the user's entry
Following are the three calls from the network logger
/SelfAsserted?tx=StateProperties=eyJUSUQiOiIzYTlmMzVlNi01MWUxLTQwYjctOWVlOS1kOWM4MDgxZmY4ZDYifQ&p=B2C_1A_signup_invitation
2./confirmed?csrf_token=bThiL2hJNXZ4ZFBwSXZ3ZzRLd1lVUExQV2V1T3EzVkNBYUloaEpqWk5lYTBXczAvUW9oSjJMVXBEWWhrenZ1Ymc2SkJNL3N5N0UxNzZYNHBDVDdsaWc9PTsyMDIxLTAyLTAzVDExOjA2OjQ2LjU5NTgzMzVaO2tuVzlHdzdMTDZ1QzMyT1JmRGNZbGc9PTt7IlRhcmdldEVudGl0eSI6IkxvY2FsQWNjb3VudFNpZ25VcFdpdGhSZWFkT25seUVtYWlsIiwiT3JjaGVzdHJhdGlvblN0ZXAiOjN9&tx=StateProperties=eyJUSUQiOiIzYTlmMzVlNi01MWUxLTQwYjctOWVlOS1kOWM4MDgxZmY4ZDYifQ&p=B2C_1A_signup_invitation&diags=%7B%22pageViewId%22%3A%22e25ebe04-1601-460d-b3a8-1d958c8155b8%22%2C%22pageId%22%3A%22SelfAsserted%22%2C%22trace%22%3A%5B%7B%22ac%22%3A%22T005%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A3%7D%2C%7B%22ac%22%3A%22T021%20-%20URL%3Ahttps%3A%2F%2Fmytenant.b2clogin.com%2Fstatic%2Ftenant%2Ftemplates%2FAzureBlue%2FselfAsserted.cshtml%3Fslice%3D001-000%26dc%3DPNQ%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A50%7D%2C%7B%22ac%22%3A%22T019%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A8%7D%2C%7B%22ac%22%3A%22T004%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A2%7D%2C%7B%22ac%22%3A%22T003%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A2%7D%2C%7B%22ac%22%3A%22T035%22%2C%22acST%22%3A1612350410%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T030Online%22%2C%22acST%22%3A1612350410%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T017T010%22%2C%22acST%22%3A1612350438%2C%22acD%22%3A1075%7D%2C%7B%22ac%22%3A%22T002%22%2C%22acST%22%3A1612350440%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T017T010%22%2C%22acST%22%3A1612350438%2C%22acD%22%3A1077%7D%5D%7D
3.client/perftrace?tx=3a9f35e6-51e1-40b7-9ee9-d9c8081ff8d6&p=null
3. Following URL uses GET Method
https://mytenant.b2clogin.com/mytenant.onmicrosoft.com/B2C_1A_signup_invitation/api/SelfAsserted/confirmed?csrf_token=bThiL2hJNXZ4ZFBwSXZ3ZzRLd1lVUExQV2V1T3EzVkNBYUloaEpqWk5lYTBXczAvUW9oSjJMVXBEWWhrenZ1Ymc2SkJNL3N5N0UxNzZYNHBDVDdsaWc9PTsyMDIxLTAyLTAzVDExOjA2OjQ2LjU5NTgzMzVaO2tuVzlHdzdMTDZ1QzMyT1JmRGNZbGc9PTt7IlRhcmdldEVudGl0eSI6IkxvY2FsQWNjb3VudFNpZ25VcFdpdGhSZWFkT25seUVtYWlsIiwiT3JjaGVzdHJhdGlvblN0ZXAiOjN9&tx=StateProperties=eyJUSUQiOiIzYTlmMzVlNi01MWUxLTQwYjctOWVlOS1kOWM4MDgxZmY4ZDYifQ&p=B2C_1A_signup_invitation&diags=%7B%22pageViewId%22%3A%22e25ebe04-1601-460d-b3a8-1d958c8155b8%22%2C%22pageId%22%3A%22SelfAsserted%22%2C%22trace%22%3A%5B%7B%22ac%22%3A%22T005%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A3%7D%2C%7B%22ac%22%3A%22T021%20-%20URL%3Ahttps%3A%2F%2Fmytenant.b2clogin.com%2Fstatic%2Ftenant%2Ftemplates%2FAzureBlue%2FselfAsserted.cshtml%3Fslice%3D001-000%26dc%3DPNQ%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A50%7D%2C%7B%22ac%22%3A%22T019%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A8%7D%2C%7B%22ac%22%3A%22T004%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A2%7D%2C%7B%22ac%22%3A%22T003%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A2%7D%2C%7B%22ac%22%3A%22T035%22%2C%22acST%22%3A1612350410%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T030Online%22%2C%22acST%22%3A1612350410%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T017T010%22%2C%22acST%22%3A1612350438%2C%22acD%22%3A1075%7D%2C%7B%22ac%22%3A%22T002%22%2C%22acST%22%3A1612350440%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T017T010%22%2C%22acST%22%3A1612350438%2C%22acD%22%3A1077%7D%5D%7D
Gives following message:
We can't sign you in
Your browser is currently set to block JavaScript. You need to allow JavaScript to use this service.
To learn how to allow JavaScript or to find out whether your browser supports JavaScript, check the online help in your web browser.
And the last call uses POST method
https://mytenant.b2clogin.com/mytenant.onmicrosoft.com/B2C_1A_signup_invitation/client/perftrace?tx=3a9f35e6-51e1-40b7-9ee9-d9c8081ff8d6&p=null
gives 404 error message
Basically, after the signup from the invitation url I am not able to signin to my application. I am not sure if there is any conflict between the two RP files or If I am missing anything.
The problem is here
https://github.com/rbagree/B2CSignupSigninInvite/blob/main/signup_invitation.xml#L63
The log shows it cannot find this key. Just remove this entire technical profile as it should already exist in your base file.
SharePoint Online: Until yesterday, I was able to use the standard Embed web part to display an iFrame to my SSRS Report server that included the control settings in the URL to hide toolbar, etc.
Like this:
<iframe src="https://reports.mydomain.com/ReportServer?/Reports/WallChart_GP&rs:Command=Render&rc:Toolbar=false&rs:ClearSession=true" height="400" width="300"></iframe>
Today, that is suddenly resulting in "Reporting Server Error: The operation you are attempting on item '/' is not allowed for this item type. (rsWrongItemType)". However if I put the URL directly into a browser I get the correct result... report with no toolbar.
When I switch the SharePoint page to edit mode and look at the Embed web part, I see that it's changing my & to & plus "amp;" for HTML formatting. If I paste that modified string into a separate browser I do still reach the report but the server ignores at least some of my commands in that I then see the report server toolbar despite setting it to false. So I don't know if it's always changed my URL like that, or if that is indeed the source of my problem. But I had not even re-published my pages in SharePoint.
If I put an embed string in the SharePoint web part that does not attempt these report server commands, I do get the report as desired. For example this displays my report in the SharePoint web part (but with the toolbar that I'm trying to avoid showing):
<iframe src="https://reports.mydomain.com/Reports/Pages/Report.aspx?ItemPath=%2fReports%2fWallChart_GP" height="400" width="300"></iframe>
The thing that has me bring this here is the fact that it was working up until yesterday. Nothing was changed on either end. I suppose Microsoft Support may be the correct avenue but I'm concerned that I will just be told that I can't do it without regard to the fact that it worked all along.
Any insight into why this is now different or what I can do to resolve the problem?
I am getting this error:
API Error Code: 191
API Error Description: The specified URL is not owned by the application
Error Message: Invalid redirect_uri: Given URL is not allowed by the Application configuration.
When browsing to this page.
https://www.facebook.com/dialog/oauth?response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fusers%2Fauth%2Ffacebook%2Fcallback&scope=email%2Cuser_about_me&client_id=clientid&type=web_server
I ofcourse googled around and found this topic:
Facebook API error 191
It says that add your page URL to facebook. I have been going through all tabs in facebook under my created App and there is no input box for page URL.
I also see that this answer is from early 2012 and possibly outdated, how should it be done in 2013?
If you go to "http://developers.facebook.com" you should be able to login, click on "Apps" at the top. From there you can click on "Edit Settings" for the app that you are testing (or creating). I took a screen shot of what that looks like:
My guess is there is an error in the field "App Domains", or in the "Site URL" field. You will want to make sure that your url and domain(s) are correct. Hopefully this helps or at least sets you on the right track.
One more suggestion - it looks like you are testing using "localhost". If you are developing on a windows system you can improve the quality of your tests by editing the hosts file and registering your actual host name. OSX or other operating systems have similar mechanisms for registering a host name. Once you have done this you can bind IIS or Apache to that host by creating a new site (or using the virtual hosts option). After that you should be able to type in a more real looking host name which makes the Facebook authentication work that much better. Best of luck!
I have an unusual scenario in which only one page of our SP 2007 site is throwing this error "You are not authorized to view this page".
Here are some details:
SP 2007 Enterprise
The page in question uses SmartPart to display custom usercontrol.
We have 50+ pages that also use custom user controls in SmartPart, and none of them generate this error.
The page in question has several functions, and it initially loads just fine. First time it loads, user selects a customer from a dropdown, then enters a search query and clicks the search button. That all works, and the page then returns some search results. That works as well. The the user can click on a Modify link for each item. It's clicking on this Modify link that generates the page error. All of these things are done one this one page, it just refreshes accordingly. The Modify link is just a standard asp:commandline field that causes the page to load the line item in editable mode.
Here's the other strange thing. If I login as the SP Administrator account, and go to this page, it all works properly, no errors...and, then all other users can go in and use the page properly, without errors as well. It's as if whatever the security issue is, is being resolved temporarily as a result of the Admin using the page first. But after a code publish, or IISRESET, etc, the page goes back to not working for any general users.
Any ideas on what I should look for in trying to resolve this issue? I can also provide code if anyone thinks that may be relevant.
Thanks!
use SPSecurity.RunWithElevatedPrivileges for running your code with anonymous access user:
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(web.Site.ID))
{
// implementation details omitted
}
});
I get the following when I click on a custom made webpart in the Web Part Gallery: The control with ID 'UpdatePanel1' requires a ScriptManager on the page. The ScriptManager must appear before any controls that need it. If I use the webpart, ie perform a search, I get a pop-up error: Sys.WebForms.PageRequestManagerServerErrorException: An unknown error occurred while processing the request on the server. The Status code returned from the server was: 500.
This webpart takes a search string from a textbox, passes it to BL/DAL and returns a data from DB. I've integrated an UpdatePanel for partial postbacks - used this blog as guide but it is not working.
I've added the scriptManager to the default.master page using MSSP Designer as the blog suggests but curiously, the script manager causes an error (red underline) In Internet Explorer 6.0 the tag <asp:ScriptManager> is not permitted.
I'm not totally sure what's up with that but here's an alternative. Dont use MS Ajax - EVER. jQuery is simpler, faster, better, stronger, sexier!
This is how I normally do this stuff:
add jQuery to your master page head
create a user control that implements your web part ui. This should use Page.ScriptManager.RegistryScriptInclude or .RegistryScriptBlock to insert script for the control. Eg, methods to do your callback using jQuery.Ajax.
create a web part wrapper for the user control
create an aspx in _layouts that acts as the 'service' for your callback. The page load can use the parameters passed from the ajax call to return some json or text
Instead of #4 you could create a web service but this is a lot harder with SharePoint - an apx will work well enough.
HTH
Cheers