PROPFIND 405 error on IIS 8.5 - iis

I'm currently trying to send a PROPFIND request to my IIS 8.5 server, but everytime I do so I get the error "405 Method not allowed". I hope you can help me.
I already googled the issue and unfortunately none of the solution I found could solve my issue.
I already checked my applicationHost.config and to me it looks that all settings are correct.
I also tried to add WebDAV directly to my web.config:
Lastly I enabled Failed Request Tracing and got the following:
Edit: The relevant parts of the config files:
applicationHost.config
<handlers accessPolicy="Read, Script">
<add name="WebDAV" path="*" verb="PROPFIND,PROPPATCH,MKCOL,PUT,COPY,DELETE,MOVE,LOCK,UNLOCK" modules="WebDAVModule" resourceType="Unspecified" requireAccess="None" />
...
<verbs allowUnlisted="true" applyToWebDAV="true">
<add verb="TRACE" allowed="false" />
</verbs>
...
<webdav>
<authoring>
<properties allowAnonymousPropfind="true" allowInfinitePropfindDepth="true" />
</authoring>
</webdav>
web.config
<handlers accessPolicy="Read, Execute, Script">
<remove name="WebDAV" />
<add name="WebDAV" path="*" verb="PROPFIND,PROPPATCH,MKCOL,PUT,COPY,DELETE,MOVE,LOCK,UNLOCK" modules="WebDAVModule" scriptProcessor="C:\Windows\System32\inetsrv\webdav.dll" resourceType="Unspecified" requireAccess="None" />
</handlers>
And the text of the trace:
Event MODULE_WARNING
ModuleName WebDAVModule
Data1 WebDAV Disabled
ErrorCode The operation completed successfully.(0x0)
Event MODULE_SET_RESPONSE_ERROR_STATUS
ModuleName WebDAVModule
Notification MAP_REQUEST_HANDLER
HttpStatus 405
HttpReason Method Not Allowed
HttpSubStatus 0
ErrorCode The operation completed successfully.

Related

How to debug Azure app service slot swap failure

I am getting the following error when trying to do a slot swap for our app service:
##[error]Error: Failed to swap App Service 'service1' slots - 'staging' and 'production'. Error: BadRequest - Cannot swap slots for site 'service1' because the application initialization in 'staging' slot either took too long or failed. Please check AppInit module configuration or try using swap with preview if application initialization time is very long. (CODE: 400)
This is what our web.config file looks like:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\XXXXXXXXXX.Services.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="1073741824" />
</requestFiltering>
</security>
<applicationInitialization>
<add initializationPage="/api/warmup" />
</applicationInitialization>
<tracing>
<traceFailedRequests>
<clear />
<add path="/api/warmup">
<traceAreas>
<add provider="ASP" verbosity="Verbose" />
<add provider="ASPNET" areas="Infrastructure,Module,Page,AppServices" verbosity="Verbose" />
<add provider="ISAPI Extension" verbosity="Verbose" />
<add provider="WWW Server" areas="Authentication,Security,Filter,StaticFile,CGI,Compression,Cache,RequestNotifications,Module,Rewrite,iisnode" verbosity="Verbose" />
</traceAreas>
<failureDefinitions statusCodes="200-600" />
</add>
</traceFailedRequests>
</tracing>
</system.webServer>
</location>
</configuration>
The API that is used for initialization and tracing - /api/warmup - this is functioning with no issues, I am able to invoke the API manually in both the production and staging slot, successfully. In fact, in the pipeline file, I invoke this API prior to invoking the slot swap task, yet the slot swap task fails after about 45 seconds.
Further, no trace file is generated in the /LogFiles folder, and I'm not sure where next to look. I would assume a trace file would be created even when I manually invoke the API, but it's not being created, so is there maybe an issue with the web.config file?
I figured the issue - i had Configuration key WEBSITE_SWAP_WARMUP_PING_STATUSES set to 200,202. Once I removed the key, the swap completed successfully.

.Net core and IIS 10.0 gives HTTP Error 500.19 - Internal Server Error

I know that this question is asked a lot. And I have checked all of the questions and all of the answers, but most of them are out of dated or not working.
I'm facing an issue when running my .Net core project, whenever I lunch the project, the error screen is displayed directly (Error image is attached with the description).
.NET core version is 2.2, IIS is 10.0 and Visual Studion Community 2019
Here's a snippet of my web.config file:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<staticContent>
<mimeMap fileExtension=".kml" mimeType="application/vnd.google-earth.kml+xml" />
<mimeMap fileExtension=".kmz" mimeType="application/vnd.google-earth.kmz" />
</staticContent>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="bin\IISSupport\VSIISExeLauncher.exe" arguments="-argFile IISExeLauncherArgs.txt" stdoutLogEnabled="false" />
<httpProtocol>
<customHeaders>
<add name="X-Frame-Options" value="sameorigin" />
</customHeaders>
</httpProtocol>
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="31000000" />
</requestFiltering>
</security>
</system.webServer>
</configuration>
I've tried the following steps:
Installed .net core hosting bundle
Removed the duplicate displaying in the error screen from web.config
Wasn't able to add the IIS_USRS to permissions in IIS because I didn't find such a user.
Removing the project and then cloning again from my git repository (the same error occured)

Web API 2 hosted in IIS 7.5 and Windows server 2008 R2 giving 403.14

There are many other questions similar to this in SO, i am still posting here because none of them are working out for my environment.
The exact error i am getting is,
HTTP Error 403.14 - Forbidden
The Web server is configured to not list the contents of this directory.
Enabling Directory browsing in IIS doesn't help at all.
Also tried adding adding all verbs in ExtensionLessUrlHandler-Integrated-4.0 in IIS Handler mappings.
And also tried removing module WebDAVModule and WebDAV handler in config as shown below.
<system.webServer>
<modules>
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
</handlers>
</system.webServer>
Thanks in advance for your answers!
If anyone is still facing this issue, I got it resolved by adding the lines below in my config file:
<validation validateIntegratedModeConfiguration="false" />
<modules runAllManagedModulesForAllRequests="true" />
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>

custom webdav implementation in IIS, gives 405 on PROPFIND

I have created a custom webdav implementation with a HttpHandler, to serve files in a database via webdav protocol to a client.
On Cassini, my VS Development server I can access this without problems.
Now I am trying to debug this site in IIS, and that doesn't work.
I have the IIS 7.5 Webdav module uninstalled.
Some snippets of my web.config:
<system.web>
...
<httphandlers>
<add type="Test.WebDAVHandler, Test" verb="*" path="*"></add>
</httphandlers>
...
</system.web>
<system.webserver>
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule">
</remove>
</modules>
<validation validateIntegratedModeConfiguration="true">
<defaultdocument enabled="true">
<files>
<add value="example.aspx"></add>
</files>
</defaultdocument>
<handlers accessPolicy="Read,Write,Execute,Script">
<remove name="WebDAV">
<add name=".NET Runtime" verb="*" path="*" preCondition="classicMode,runtimeVersionv2.0,bitness64" requireAccess="None" resourceType="Unspecified" scriptProcessor="C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" modules="IsapiModule">
</add>
</handlers>
</validation>
</system.webserver>
When I connect to this site by using the Map network drive option of Windows 7 and inspect the requests using Fiddler, I see that the after some authentication, the client does the following request:
OPTIONS localhost/explorer and gets the following (shortened) response.
HTTP/1.1 200 OK
Allow: OPTIONS, TRACE, GET, HEAD, POST
I am missing some allowed verbs here, like PROPFIND.
The next request the client does is a PROPFIND.
The server responds with a 405 Method not allowed.
I looked at the request tracing, and the DefaultDocumentModule is causing this error.
When I disable this module, the DirectoryListingModule causes this 405.
Does anyone have a clue how to fix this, so that I can use webdav with my custom handler?

IIS 7.5 + enable PUT and DELETE for RESTFul service, extensionless

i am trying to understand how IIS 7.5 handles POST and PUT request.
I am writing a RESTful service using OpenRasta framework. The POST operation works without any problem, but the PUT operation for the same URL does not. It returns error like the following
Detailed Error Information
Module: IIS Web Core
Notification: MapRequestHandler
Handler: StaticFile
Error Code: 0x80070002
the url is like this following "http://localhost/MyService/Resource.Something.manifest"
Same setup works fine in visual studio development IIS.
Solution
Basically the default ExtensionlessUrlHandler does not accept PUT and DELETE verb. Just need to add them.
<add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE" modules="IsapiModule" scriptProcessor="C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" requireAccess="Script" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
To get PUT and DELETE to be accepted by IIS 7.5 for a PHP 5.4 fast-CGI driven REST API I had to disable the WebDAV-module. Otherwise the WebDAV module intervenes the HTTP requests using PUT or DELETE. To get this working was however a bit confusing and I might have missed some steps or done it in another order.
These lines are placed as children of the <system.webServer>-element in web.config in the application root.
<modules>
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
</handlers>
Hopes this might spare some frustration. It seems like the default setting for the server is to accept any HTTP verb not listed - see settings under Request filtering -> HTTP Verbs -> Edit feature Settings. One may consider to explicitly add the VERBS that are to be allowed. The verbs allowed may be specified appending this snippet, also as a child of <system.webServer>.
<security>
<requestFiltering>
<verbs allowUnlisted="false">
<add verb="GET" allowed="true" />
<add verb="POST" allowed="true" />
<add verb="DELETE" allowed="true" />
<add verb="PUT" allowed="true" />
</verbs>
</requestFiltering>
</security>
On a client machine one can uninstall the WebDAV module from here:
Control Panel -> Uninstall Program -> Turn Windows features on or off -> IIS -> World Wide Web Services -> Common HTTP feautre -> WebDAV Publishing
The last measure to get it working was by editing applicationhost.config found in C:\Windows\System32\inetsrv\config. Within <system.webServer> -> <handlers> you will see a php entry that has just verb="GET,HEAD,POST - amend it to add the verbs you require, e.g.:
<add name="PHP54_via_FastCGI" path="*.php" verb="GET,HEAD,PUT,DELETE,POST"/>
|
|
|
append verbs here ----------------------------------------------|
1.Go to IIS Manager.
2.Click on your app.
3.Go to "Handler Mappings".
4.In the feature list, double click on "WebDAV".
5.Click on "Request Restrictions".
6.In the tab "Verbs" select "All verbs" .
7.Press OK.
See http://learn.iis.net/page.aspx/901/iis-express-faq/ that is linked from the OR wiki.
From the link (not block-quoted for readability):
A: You can modify the IIS Express applicationHost.config in the %userprofile%\documents\IISExpress\config folder. For example to enable PUT and DELETE for extensionless Urls scroll down to the bottom of the IIS Express applicationHost.config file and look for a handler entry that starts with:
<add name="ExtensionlessUrl-Integrated-4.0" …
In the verb attribute add PUT and DELETE so the verb attribute looks like: verb="GET,HEAD,POST,DEBUG,PUT,DELETE".
My scenario was a web application in a web site on IIS 7.5. The web site had to continue to enable WebDAV, but the web application needed to turn it off in order to support PUT and DELETE in its REST API.
To get that working, the web application's Web.config needed this:
<modules runAllManagedModulesForAllRequests="true" runManagedModulesForWebDavRequests="true" >
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
</handlers>
The important difference from the other answers here is the need for runManagedModulesForWebDavRequests="true"
For me this does the trick in the web.config.
<system.webserver>
<handlers>
<remove name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" />
<add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE" modules="IsapiModule" scriptProcessor="c:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" requireAccess="Script" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE" type="System.Web.Handlers.TransferRequestHandler" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
<system.webserver/>
<system.web>
<authentication mode="Windows" />
<identity impersonate="true"/>
<system.web/>
I used following configuration:
IIS 7.5
Windows Server 2008 R2
Custom Application Pool, .NET 4.0, Integrated
Windows Authentication = true
Anonymous Authentication = false
Hope it helps. ;-)
URLScan tool users
If other answers still don't work and you get 404 error: these verbs may be explicitly rejected by the URLScan tool, if you have it installed.
You can configure [AllowVerbs] and [DenyVerbs] sections of the URLScan.ini file to meet your needs.
Beware of the security risks of enabling these verbs.
What worked for me was uninstalling WebDav completely.
Going into the handler mappings and setting WebDAV to handle all verbs is the only thing that worked for me, despite the fact that PUT and DELETE were already listed as handled verbs. The working web.config I have is:
<system.webServer>
<handlers>
<remove name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" />
<remove name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" />
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<add name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
<add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
<remove name="WebDAV" />
<add name="WebDAV" path="*" verb="*" modules="WebDAVModule" resourceType="Unspecified" requireAccess="None" />
</handlers>
</system.webServer>
in the web.config
<system.webServer>
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE" type="System.Web.Handlers.TransferRequestHandler" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
you can also use the IIS management UI and define this globally, or default web server
I tried in IIS 8.
**uninstall WebDav Publishing
Steps to uninstall
-> Control Panel -> Go to Programs and features -> Turn windows
featues on or off-> Select Internet Information Services->World Wide
Web Services->Common HTTP Featues->"Remove" WebDAV Publishing by unchecking WebDAV option**
Reason for 500 error !
Hi all,
I want to post my own research too, I hope it would help future enthusiasts.
As suggested in answers, I can't uninstall WebDav so I have added the line below in web config (from other answers)
<system.webServer>
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE" type="System.Web.Handlers.TransferRequestHandler" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
but I got a 500 error, when I have enabled debug mode found this
Cannot add duplicate collection entry of type 'add' with unique key attribute 'name' set to 'ExtensionlessUrlHandler-Integrated-4.0'
Answer
Its because there was already an ExtensionlessUrlHandler in the handler mappings section, do the following to resolve the issue.
Method 1
1) Go to Your IIS Manager and select your app
2) Go to Handler Mappings feature
3) Find ExtensionlessUrlHandler-Integrated-4.0 and delete it.
4) Add ExtensionlessUrlHandler in your webconfig (as mentioned in above answers)
<system.webServer>
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE" type="System.Web.Handlers.TransferRequestHandler" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
Method 2
1) Remove ExtensionlessUrl handler from your web config
2) Click on your app in IIS Server, go to HandlerMappings
3) Find ExtensionlessUrlHandler-Integrated-4.0 (only this name, ignore others)
4) right click on it and choose Edit
edit handler
5) click on 'Request Restrictions' and select Verbs tab & choose All Verbs
this will enable extensionsless handler to allow all verbs.
I will go with method 1, as we can have control in web.config. But make sure you
check the deployment server for duplicate handler definitions.
My web.config with asp.net core 1.0
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<modules>
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false"/>
</system.webServer>
</configuration>
In windows server 2012.
Open applicationHost.config file in notepad with Administrator rights
applicationHost.config file is found in C:\Windows\System32\inetsrv\config
Locate the section
<verbs allowUnlisted="false" applyToWebDAV="true">
<add verb="GET" allowed="true" />
<add verb="HEAD" allowed="true" />
<add verb="POST" allowed="true" />
<add verb="DELETE" allowed="false" />
<add verb="TRACE" allowed="false" />
<add verb="PUT" allowed="false" />
<add verb="OPTIONS" allowed="false" />
</verbs>
Notice DELETE and PUT HTTP Verbs are set to false.
Change them to true.
It should now read as below
<verbs allowUnlisted="false" applyToWebDAV="true">
<add verb="GET" allowed="true" />
<add verb="HEAD" allowed="true" />
<add verb="POST" allowed="true" />
<add verb="DELETE" allowed="true" />
<add verb="TRACE" allowed="false" />
<add verb="PUT" allowed="true" />
<add verb="OPTIONS" allowed="false" />
</verbs>
Save the file. You have enabled HttpPut and HttpDelete requests on your web server
The main solution is to remove webdavmodule from the specific website'd module's section.
So you can do it from both IIS and in webconfig.
I was dealing with the same problem. The solution for me was to turn off the Firewall mode of the Web Application in Plesk Panel.

Resources