I have a simple bit of code on my classic ASP website to send me an email when a page errors, as I have this set up in my web.config to point at a page to handle errors:
<httpErrors errorMode="Custom" defaultResponseMode="ExecuteURL">
<remove statusCode="500" subStatusCode="100" />
<remove statusCode="500" subStatusCode="-1" />
<remove statusCode="404" subStatusCode="-1" />
<error statusCode="404" path="/error_404.asp" responseMode="ExecuteURL" />
<error statusCode="500" prefixLanguageFilePath="" path="/error_500.asp" responseMode="ExecuteURL" />
<error statusCode="500" subStatusCode="100" path="/error_500.asp" responseMode="ExecuteURL" />
</httpErrors>
This is my simple bit of code:
...
set objError = Server.getLastError()
strNumber = objError.AspCode
strSource = objError.Category
strDesc = newstr(objError.Description)
strCode = newstr(objError.Source)
strLine = ObjError.Line
strASPDesc = ObjError.ASPDescription
strRemoteAddr = Request.ServerVariables("REMOTE_ADDR")
ref = request.servervariables("HTTP_REFERER")
str = request.servervariables("QUERY_STRING")
cookies = request.servervariables("HTTP_COOKIE")
ip_url = strRemoteAddr
ua = newstr(request.servervariables("HTTP_USER_AGENT"))
totalstring = objError.File & "?" & str
I then concatenate those values together and email the details to myself.
For an error, I'd get something like this:
strNumber: ASP 0126
strSource: Active Server Pages
strDesc: Include file not found
strCode:
strLine: 14
strASPDesc: The include file '/news/aw.asp' was not found.
strRemoteAddr: 2.101.166.175
ref: http://example.com/sites/support/
str: page=cd
cookies: usr1=62105233D8E2A062A55; fantastic%5Fcheese=1; _ga=GA1.3.1357551757.1476543431; __atuvc=2%7C41%2C1%7C42%2C0%7C43%2C0%7C44%2C9%7C45; __utma=154830755.1357551757.1476543431.1476822981.1479368067.3; __utmz=154830755.1476818175.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); ASPSESSIONIDQCBABQAR=KHGBAMBCCCENHCIPPCOFBJOO; __utmb=154830755.1.10.1479368067; __utmc=154830755; __utmt=1
ip_url: 84.92.46.118
ua: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:49.0) Gecko/20100101 Firefox/49.0
totalstring: /sites/support/page.asp?landscape=cd
However, I often only see this error:
strNumber:
strSource:
strDesc:
strCode:
strLine: 0
strASPDesc:
strRemoteAddr: 43.247.156.6
ref: http:/example.com/content/this.asp
str: 500;http://jimpix.co.uk:80/words/check-username.asp
cookies: ASPSESSIONIDSAABARBQ=ACDDOHOCEKIEFOCKFBFIHJBC; _gat=1; __atuvc=129%7C46; __atuvs=582e898682f62926059; _ga=GA1.3.491207786.1479439414
ip_url: 43.247.156.6
ua: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36
totalstring: ?500;http:/example.com:80/content/this.asp
There are no error details as such, but it's always on the same page. I can't work out what's causing it.
Is there any more detailed error logging I can do to find out more?
Server.getLastError() only remains populated until the response buffer has started to flush content to the client, reasons for this could be:
response.buffer is set to false
response.flush has been called
response.end has been called
There is a reference to this in the documentation:
This method is available only before the .asp file has sent any
content to the client.
This is the only thing i can think of that would explain why your Server.getLastError() seems to be blank.
Related
import requests
headers = {
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
"Accept-Encoding": "gzip, deflate",
"Accept-Language": "en-GB,en-US;q=0.9,en;q=0.8",
"Dnt": "1",
"Host": "httpbin.org",
"Upgrade-Insecure-Requests": "1",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0",
}
url="https://app.shkolo.bg/dashboard"
res = requests.get(url,headers=headers)
print(res)
This throws a 403 response.
Any idea why?
I've just starting using the requests module so I cannot much more information.
By removing all information except the User-Agent I managed to get the reply:
import requests
url = "https://app.shkolo.bg/dashboard"
headers = {'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0'}
result = requests.get(url, headers=headers)
print(result.content.decode())
# Begin of the output
<!DOCTYPE HTML>
<html lang="en-US">
<head>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
Note that the answer is completely similar to this post.
I have the following CSP report:
"csp-report": {
"effective-directive": "script-src",
"referrer": "",
"status-code": 200,
"original-policy": "img-src 'self' data: https://redacted-development.s3.amazonaws.com https://s3.eu-west-2.amazonaws.com https://app.appzi.io https://cdn.ywxi.net https://randomuser.me;object-src 'none';form-action 'self';frame-ancestors 'none';base-uri 'self';report-uri /report-csp;script-src 'strict-dynamic' 'unsafe-inline' 'nonce-M2EyZTVhMzItNDY5My00YTI5LWE3MzEtM2NjMjdjMjc0ZmQ0' 'nonce-M2JiODg4NWQtODJjNy00MTZjLTkyYzMtZjY1MDIyMDQwYzgw' 'nonce-M2Y3MDQ1YWUtNThiZi00MWI3LTg1NzQtYjg2NDAxMmE1YjZl' 'nonce-MjMyMjUxZGUtZTQ1MS00OGZlLTk2NGYtZGM0NzQwZDBlOGQx' 'nonce-Mjg2M2U1ZTgtZmYyNS00YzllLWI1ZDItODY1NWUxNjIxMzQx' 'nonce-MmMyMmQyNWYtNWU4OC00NjRhLWEzNDYtYjc1NDg4ZTMzOGUy' 'nonce-MzZjZTE4MGItMWQyZi00YzRhLWFhMmQtMjlhMjg1ZTQzZDdl' 'nonce-NDExZTg5MjYtODQ1ZC00ZTE5LThjYmEtYmU3NmY5ZDg2MjI0' 'nonce-NDhiNmU5YjktYzEyYS00NjFjLWJmMWItNzU0MzI2NTlkOGNh' 'nonce-NWI2Yzg1YzktN2JkZC00OGY5LWFhODktZTFhN2MxZTUxNTNj' 'nonce-NzFjNTUzN2YtMWQ3MC00ODY5LWJhYmUtOGYxYjBiZjc0Y2Yx' 'nonce-NzgzNjI3ZDctNWU0ZC00ZWI0LThiN2UtODk5NWFhODNjY2Zj' 'nonce-OTUwNzMyM2EtZmExMS00NjA1LThjNGMtZjQzYTFiZTM4NmQx' 'nonce-OWIxZDNlZGMtZWQxZS00ZjRlLTg4OWYtY2RkOTdiYzFmMDFh' 'nonce-Y2ExZDg4OWEtM2ExOS00NzE0LTk2NjEtZWYzNmQyNzkxZDE2' 'nonce-ZDRkNDc2ZmYtMDQ4Yi00MDY4LWFjOWQtMTZkMmMzYmFhNWQw' 'nonce-ZTU4ZTIxNGItNmZiYy00ODM4LTljZDQtMzhhY2RkZTMxMWE2' 'nonce-ZmYyMzg3ZjgtNjY0Zi00ZDEyLWE0NTMtYWNhMzYzNGE2YmI2'",
"document-uri": "https://redacted.com/",
"violated-directive": "script-src 'strict-dynamic' 'unsafe-inline' 'nonce-M2EyZTVhMzItNDY5My00YTI5LWE3MzEtM2NjMjdjMjc0ZmQ0' 'nonce-M2JiODg4NWQtODJjNy00MTZjLTkyYzMtZjY1MDIyMDQwYzgw' 'nonce-M2Y3MDQ1YWUtNThiZi00MWI3LTg1NzQtYjg2NDAxMmE1YjZl' 'nonce-MjMyMjUxZGUtZTQ1MS00OGZlLTk2NGYtZGM0NzQwZDBlOGQx' 'nonce-Mjg2M2U1ZTgtZmYyNS00YzllLWI1ZDItODY1NWUxNjIxMzQx' 'nonce-MmMyMmQyNWYtNWU4OC00NjRhLWEzNDYtYjc1NDg4ZTMzOGUy' 'nonce-MzZjZTE4MGItMWQyZi00YzRhLWFhMmQtMjlhMjg1ZTQzZDdl' 'nonce-NDExZTg5MjYtODQ1ZC00ZTE5LThjYmEtYmU3NmY5ZDg2MjI0' 'nonce-NDhiNmU5YjktYzEyYS00NjFjLWJmMWItNzU0MzI2NTlkOGNh' 'nonce-NWI2Yzg1YzktN2JkZC00OGY5LWFhODktZTFhN2MxZTUxNTNj' 'nonce-NzFjNTUzN2YtMWQ3MC00ODY5LWJhYmUtOGYxYjBiZjc0Y2Yx' 'nonce-NzgzNjI3ZDctNWU0ZC00ZWI0LThiN2UtODk5NWFhODNjY2Zj' 'nonce-OTUwNzMyM2EtZmExMS00NjA1LThjNGMtZjQzYTFiZTM4NmQx' 'nonce-OWIxZDNlZGMtZWQxZS00ZjRlLTg4OWYtY2RkOTdiYzFmMDFh' 'nonce-Y2ExZDg4OWEtM2ExOS00NzE0LTk2NjEtZWYzNmQyNzkxZDE2' 'nonce-ZDRkNDc2ZmYtMDQ4Yi00MDY4LWFjOWQtMTZkMmMzYmFhNWQw' 'nonce-ZTU4ZTIxNGItNmZiYy00ODM4LTljZDQtMzhhY2RkZTMxMWE2' 'nonce-ZmYyMzg3ZjgtNjY0Zi00ZDEyLWE0NTMtYWNhMzYzNGE2YmI2'",
"blocked-uri": "https://redacted.com/static/js/browser.polyfill.min.js?etag=dp1dNqwV"
}
The user agent for this report is
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763
This parses as Edge 18.0 on Windows 10.
It is not clear to me what a status code of 200 means in the context of a CSP report, and this seems not to occur on other browsers.
n.b. The real web address has been redacted.
"status-code" is the HTTP status code of the resource on which the object was instantiated. In your case the status code 200 is output because the request was executed correctly and without errors.
It seems to me that this only occurs in IE, I don't see this code 200 in either Chrome or Safari.
(I was debugging my CSP using the Report-Uri website. They showed these phenomena only with IE.)
I have a large number of short URLs and I want to expand them. I found somewhere online (I missed the source) the following code:
short_url = "t.co/NHBbLlfCaa"
r = requests.get(short_url)
if r.status_code == 200:
print("Actual url:%s" % r.url)
It works perfectly. But I get this error when I ping the same server for many times:
urllib3.exceptions.MaxRetryError:
HTTPConnectionPool(host='www.fatlossadvice.pw', port=80): Max retries
exceeded with url:
/TIPS/KILLED-THAT-TREADMILL-WORKOUT-WORD-TO-TIMMY-GACQUIN.ASP (Caused
by NewConnectionError(': Failed to establish a new connection: [Errno
11004] getaddrinfo failed',))
I tried many solutions like the set here: Max retries exceeded with URL in requests, but nothing worked.
I was thinking about another solution, which is to pass an useragent in the request, and each time I change it randomly (using a large number of useragents):
user_agent_list = [
'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:25.0) Gecko/20100101 Firefox/25.0',
'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0',
'Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1667.0 Safari/537.36',
]
r = requests.get(short_url, headers={'User-Agent': user_agent_list[np.random.randint(0, len(user_agent_list))]})
if r.status_code == 200:
print("Actual url:%s" % r.url)
My problem is that r.url always return the short url instead of the long one (the expanded one).
What am I missing?
You can prevent the error by adding allow_redirects=False to requests.get() method to prevent redirecting to page that doesn't exist (and thus raising the error). You have to examine the header sent by server yourself (replace XXXX by https, remove spaces):
import requests
short_url = ["XXXX t.co /namDL4YHYu",
'XXXX t.co /MjvmV',
'XXXX t.co /JSjtxfaxRJ',
'XXXX t.co /xxGSANSE8K',
'XXXX t.co /ZRhf5gWNQg']
for url in short_url:
r = requests.get(url, allow_redirects=False)
try:
print(url, r.headers['location'])
except KeyError:
print(url, "Page doesn't exist!")
Prints:
XXXX t.co/namDL4YHYu http://gottimechillinaround.tumblr.com/post/133931725110/tip-672
XXXX t.co/MjvmV Page doesn't exist!
XXXX t.co/JSjtxfaxRJ http://www.youtube.com/watch?v=rE693eNyyss
XXXX t.co/xxGSANSE8K http://www.losefattips.pw/Tips/My-stretch-before-and-after-my-workout-is-just-as-important-to-me-as-my-workout.asp
XXXX .co/ZRhf5gWNQg http://www.youtube.com/watch?v=3OK1P9GzDPM
While it works perfectly when run locally through VS Studio's included IIS Express, my application chokes once deployed to IIS 8:
System.Web.HttpException: Could not load type 'Nancy.Hosting.Aspnet.NancyHttpRequestHandler'.
Back-end is MS Owin, written in VB (.NET 4.5), which registers 3 middlewares: OAuth server, JWT bearer Authentication, and Nancy. Front end is AngularJS. The proper DLLs are included in the published directory.
IIS 8 has .NET 4.5 installed and enabled. It is running in integrated mode.
I am not sure if this is related to the configuration of Nancy within web.config or the configuration of IIS. Relevant source follows:
Startup.vb
Public Sub Configuration(app As IAppBuilder)
Dim issuer As String = "http://obscured-domain"
Dim audience As String = "obscured-audience-key"
Dim secret As Byte() = Microsoft.Owin.Security.DataHandler.Encoder.TextEncodings.Base64Url.Decode("obscured-client-secret")
'CORS Configuration
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll)
app.UseOAuthAuthorizationServer(New OAuthAuthorizationServerOptions() With { _
.AllowInsecureHttp = True, _
.TokenEndpointPath = New PathString("/authenticate"), _
.AccessTokenExpireTimeSpan = TimeSpan.FromHours(1), _
.AccessTokenFormat = New JwtFormat(issuer, audience), _
.Provider = New OAuthServerProvider()
})
app.UseJwtBearerAuthentication(New JwtBearerAuthenticationOptions() With { _
.AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active, _
.AllowedAudiences = New String() {audience}, _
.IssuerSecurityTokenProviders = New IIssuerSecurityTokenProvider() { _
New SymmetricKeyIssuerSecurityTokenProvider(issuer, secret)
}
})
'Content service
Dim nOpts As New NancyOptions
nOpts.PassThroughWhenStatusCodesAre(HttpStatusCode.NotFound, HttpStatusCode.InternalServerError)
app.UseNancy(nOpts)
'Handle IIS request pipeline staging
app.UseStageMarker(PipelineStage.MapHandler)
End Sub
Web.config
<?xml version="1.0"?>
<configuration>
<system.web>
<customErrors mode="Off" />
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<httpHandlers>
<add verb="*" type="Nancy.Hosting.Aspnet.NancyHttpRequestHandler" path="*" />
</httpHandlers>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add name="Nancy" verb="*" type="Nancy.Hosting.Aspnet.NancyHttpRequestHandler" path="*"/>
</handlers>
</system.webServer>
<connectionStrings>
<add name="FTConnStr" connectionString="obscured-connection-string" />
</connectionStrings>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
</configuration>
Example Nancy Module
Public Class KnowledgeBaseModule
Inherits NancyModule
'Get page of article briefs via full-text search
MyBase.Get("/api/articles/paged/{offset}/{numRows}") = _
Function(parameters)
Dim searchFields As FullTextFields = Me.Bind(Of FullTextFields)()
Try
Dim results As Dictionary(Of String, List(Of Dictionary(Of String, Object)))
results = FullTextProvider.pagedSearch(searchFields.fields("SearchString"), CInt(parameters.offset), CInt(parameters.numRows))
Return Response.AsJson(results)
Catch ex As Exception
'temp 500
Return HttpStatusCode.InternalServerError
End Try
End Function
Private Class FullTextFields
Public Property fields As Dictionary(Of String, String) = New Dictionary(Of String, String) From _
{
{"SearchString", String.Empty}
}
End Class
End Class
Since you're using OWIN you need to use the SystemWeb host not Nancy's AspNet host. You also need to remove these two parts from your web.config:
<httpHandlers>
<add verb="*" type="Nancy.Hosting.Aspnet.NancyHttpRequestHandler" path="*" />
</httpHandlers>
<handlers>
<add name="Nancy" verb="*" type="Nancy.Hosting.Aspnet.NancyHttpRequestHandler" path="*"/>
</handlers>
You probably have a copy of the nancy host in your bin folder which is why it works locally but not when you deploy it.
I'm in the process of migrating some Sharepoint sites from one farm to another farm. It's a little more complicated, but for simplicity sake...
What I'd like to maintain is old URLs that people have for these sites, documents, etc. and the IIS URL Rewrite Module seems like a good way to go.
Here's an idea of what the structure is:
_______________________ _______________________
|oldfarm.company.com**| |newfarm.company.com**|
|oldsitecollection** | |newsitecollection** |
|subsitename | |subsitename |
|... | |... |
|_____________________| |_____________________|
** = changes, everything else remains the same, URLwise.
On the "newfarm" I have extended the web application to respond to "oldfarm.company.com", and that web application has a URL Redirect Rule that redirects http://oldfarm.company.com/oldsitecollection/... to http://newfarm.company.com/newsitecollection/...
That works great for the vast majority of what I'm trying to do.
What I'm having difficulty with is rewriting QUERYSTRING values. Sharepoint's Office Document Viewers contain path information in the QUERYSTRING and that's what I need to change.
Here is an original URL sample:
http://oldfarm.company.com/oldsitecollection/subsitename/_layouts/WordViewer.aspx?id=/oldsitecollection/subsitename/doclib/doc.docx&Source=http%3A%2F%2Foldfarm%2Ecompany%2Ecom%2Foldsitecollection%2Fsubsitename%2Fdoclib%2FForms%2FAllItems%2Easpx&DefaultItemOpen=1
Here is the URL after the redirect (and where I'm stuck):
http://newfarm.company.com/newsitecollection/subsitename/_layouts/WordViewer.aspx?id=/oldsitecollection/subsitename/doclib/doc.docx&Source=http%3A%2F%2Foldfarm%2Ecompany%2Ecom%2Foldsitecollection%2Fsubsitename%2Fdoclib%2FForms%2FAllItems%2Easpx&DefaultItemOpen=1
Here is what I need the URL to look like:
http://newfarm.company.com/newsitecollection/subsitename/_layouts/WordViewer.aspx?id=/newsitecollection/subsitename/doclib/doc.docx&Source=http%3A%2F%2Fnewfarm%2Ecompany%2Ecom%2Fnewsitecollection%2Fsubsitename%2Fdoclib%2FForms%2FAllItems%2Easpx&DefaultItemOpen=1
I have tried using Rewrite Maps because these are not dynamic substitutions, but I cannot get them to modify the QUERYSTRING.
Here's an example of the rewrite rule I'm working on:
<rewrite>
<rewriteMaps>
<rewriteMap name="WordViewer">
<add key="id=/oldsitecollection" value="id=/newsitecollection" />
</rewriteMap>
</rewriteMaps>
<rules>
<rule name="Rewrite rule1 for WordViewer">
<match url=".*WordViewer.aspx" />
<conditions>
<add input="{WordViewer:{QUERY_STRING}}" pattern="(.+)" />
</conditions>
<action type="Rewrite" url="{C:1}" appendQueryString="false" />
</rule>
</rules>
</rewrite>
To answer my own question, what worked for me was to create my own custom rewrite provider.
The provider I created was a simple find/replace provider that looked like this:
public class FindReplaceProvider : IRewriteProvider, IProviderDescriptor
{
public string Find { get; private set; }
public string Replace { get; private set; }
public void Initialize(IDictionary<string, string> settings, IRewriteContext rewriteContext)
{
string tmpFind, tmpReplace;
if (!settings.TryGetValue("Find", out tmpFind) || string.IsNullOrEmpty(tmpFind))
throw new ArgumentException("FindReplaceProvider setting 'Find' is required and cannot be empty");
if (!settings.TryGetValue("Replace", out tmpReplace))
throw new ArgumentException("FindReplaceProvider setting 'Replace' is required and cannot be null");
if (!string.IsNullOrEmpty(tmpFind))
Find = tmpFind;
else
throw new ArgumentException("FindReplaceProvider parameter 'Find' cannot be empty");
if (!string.IsNullOrEmpty(tmpReplace))
Replace = tmpReplace;
else
Replace = String.Empty;
}
public string Rewrite(string value)
{
return Regex.Replace(value, Find, Replace, RegexOptions.IgnoreCase);
}
public IEnumerable<SettingDescriptor> GetSettings()
{
yield return new SettingDescriptor("Find", "String to find");
yield return new SettingDescriptor("Replace", "String to replace");
}
}
And my rewrite rules end up looking like this:
<rewrite>
<providers>
<provider name="OfficeWebAppsReplaceId" type="MyFindReplaceProvider">
<settings>
<add key="Find" value="id=/oldsitecollection" />
<add key="Replace" value="id=/newsitecollection" />
</settings>
</provider>
<provider name="OfficeWebAppsReplaceSource" type="MyFindReplaceProvider">
<settings>
<add key="Find" value="http%3A%2F%2Foldfarm%2Ecompany%2Ecom%2Foldsitecollection%2" />
<add key="Replace" value="http%3A%2F%2Fnewfarm%2Ecompany%2Ecom%2Fnewsitecollection%2" />
</settings>
</provider>
</providers>
<rules>
<rule name="OfficeWebAppsQuerystringRedirect" stopProcessing="true">
<match url=".*(WordViewer.aspx|WordEditor.aspx|xlviewer.aspx|PowerPoint.aspx)$" />
<conditions logicalGrouping="MatchAny">
<add input="{QUERY_STRING}" pattern=".*id=/oldsitecollection.+" />
<add input="{QUERY_STRING}" pattern=".*Source=http%3A%2F%2Foldfarm%2Ecompany%2Ecom%2Foldsitecollection%2F.+" />
</conditions>
<action type="Redirect" url="{R:0}?{OfficeWebAppsReplaceId:{OfficeWebAppsReplaceSource:{C:0}}}" appendQueryString="false" redirectType="Temporary" />
</rule>
</rules>
</rewrite>