I had an application that was running on IIS 6. All requests went through aspnet_isapi.dll. This was achieved via a wildcard application mapping (which did not verify the file existed).
I have copied said application to a machine running IIS7, and would like to get it working again.
In the application, any request with an extension of .aspx (or .ashx) are handled in the normal way. Other requests with different extensions (such as .html and .xml) are handled by a custom http module. Some requests have no extension, and are dynamically redirect to a file with an extension (e.g. visiting …/item/1 might redirect to …/item/1.html or …/item/1.xml, depending on values in the accept header).
The new location probably does not exist, but a response is generated dynamically.
Currently, the application pool is in “classic” mode, and is using .NET v4.0 (it was previously using .NET 3.5, but that doesn’t seem to be related to the problem). The custom http module is set only in the web.config.
The redirect (from …/item/1 to …/item/1.html) seems to work, which suggests that extension less requests are indeed being processed by the application (that redirect is written in the application itself). I think that means that the custom module is working.
Requests with extensions (.html, .xml etc) are failing however. The error I get is:
HTTP Error 404.0 - Not Found
The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
Module: IIS Web Core
Notification: MapRequestHandler
Handler: StaticFile
Error Code: 0x80070002
I have tried:
Adding a wildcard script mapping that mapped * to aspnet_isapi.dll
Tried adding a specific mapping for *.html to aspnet_isapi.dll
These still result in the same error message, and still seem to go to the handler "StaticFile".
I tried modifying "StaticFile" so that it uses the aspnet_isapi.dll executable, and this results in a new error:
HTTP Error 404.4 - Not Found
The resource you are looking for does not have a handler associated with it.
Handler: Not yet determined
Any help would be greatly appreciated.
Set application pool in integrated mode and set that all request run all managed modules
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
...
</modules>
...
</system.webServer>
Use this config in service config it worked for me.
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<services>
<service name="WcfService.Service1">
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="secureHttpBinding"
contract="WcfService.IService1"/>
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="secureHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpsGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
Related
The Condition
I have created my own web framework, which intercepts Error 404 and displays the appropriate content depending on the URL (it also sends the correct HTTP code 200 or 404 when the URL is valid or not). I have the entire framework under single /Default.asp (which includes several files, but that's not important here). It works perfect under IIS6, but I'm unable to figure out how to handle debugging and development under IIS7.
The Problem
The challenge is picking the correct Error Mode for the web.config file.
If I set errorMode=Custom then my code works and I can even see errors in my code while developing, but I can't debug other ASP files, because any error there, would be redirected to the /default.asp instead of showing it to me in the browser.
So, when I need to debug other ASP files, I would change the error mode from Custom to errorMode=Detailed
Then I can easily see the line number and the error description, but that means obviously that my framework would not be able to handle Errors 404 for non-existing URL's.
I have been doing this "dance" switching web.config every time I need to check something and it's getting very annoying. Here's my web.config file:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<!-- I'm changing Custom to Detailed here when I need to debug -->
<httpErrors errorMode="Custom">
<remove statusCode="404" subStatusCode="-1" />
<error statusCode="404" prefixLanguageFilePath=""
path="/Default.asp" responseMode="ExecuteURL" />
<!-- I have experimented with this, but unsuccessfully, so I comment it out
<remove statusCode="500" subStatusCode="-1" />
<error statusCode="500" prefixLanguageFilePath=""
path="/Default.asp" responseMode="ExecuteURL" />
-->
</httpErrors>
<directoryBrowse enabled="false" />
</system.webServer>
</configuration>
Question:
Is it possible to use both methods simultaneously?
A custom .ASP file to process 404 (and possibly other errors) but also leaving the 500 errors to be processed by the server and display the detailed error.
All I need to see is the line number and the error description.
I have an ASP.NET Core 2.0 API I am deploying to an Azure App Service. This has been working fine until recently when I had to process a request that took longer than 2 minutes to complete and I got a 502 Bad Gateway stating
"The specified CGI application encountered an error and the server terminated the process".
This consistently happens when I hit the 2 minute mark on this process.
My diagnostic logfile says
018-05-25 02:07:01.462 +00:00 [Error] Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware: An unhandled exception has occurred while executing the request
System.Threading.Tasks.TaskCanceledException: A task was canceled.
I am working on the assumption that this is a timeout issue because it is always at the 2 minute mark and I know the request takes more than 2 minutes to complete. So I was looking into how to increase the timeout and found some posts on SO that talked about using an applicationHost.xdt file, placing it in the root of the Site folder for the site. I am using this XML;
<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
<system.applicationHost>
<webLimits xdt:Transform="SetAttributes(connectionTimeout)" connectionTimeout="00:05:00" />
</system.applicationHost>
</configuration>
When I upload it, using Kudu debug console, to the root of the Site folder for my deployment slot I am using to test my API and then look at the transform file, I see the following;
2018-05-24T19:34:19 Start 'site' site extension transform
2018-05-24T19:34:19 StartSection Executing SetAttributes (transform line 4, 16)
2018-05-24T19:34:19 on /configuration/system.applicationHost/webLimits
2018-05-24T19:34:19 Applying to 'webLimits' element (no source line info)
2018-05-24T19:34:19 Set 'connectionTimeout' attribute
2018-05-24T19:34:19 Set 1 attributes
2018-05-24T19:34:19 EndSection Done executing SetAttributes
2018-05-24T19:34:19 Successful 'D:\home\site\applicationHost.xdt' site extension transform
which to me looks like it successfully applied the XDT transform.
However even after restarting the base App Service and the related deployment slot. I am still getting the error.
So, am I using the wrong timeout setting?
When I look at the web.config file in my slots sites/wwwroot folder, it contains only this...
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\Mypp.dll"
stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" />
</system.webServer>
I expected to see the information about the connectiontimeout that was in the XDT file I applied. So, perhaps this is not the right web.config file?
I am not an Azure expert and at this point, I feel like I am wasting time so I wanted to check an see if anyone has any suggestions.
requestTimeout:
Specifies the duration for which the ASP.NET Core Module waits for a response from the process listening on %ASPNETCORE_PORT%.
In versions of the ASP.NET Core Module that shipped with the release of ASP.NET Core 2.0 or earlier, the requestTimeout must be specified in whole minutes only, otherwise it defaults to 2 minutes.
You could try to add the requestTimeout="00:20:00 in web.config in your slots sites/wwwroot folder.
<aspNetCore
requestTimeout="00:20:00"
processPath="%LAUNCHER_PATH%"
arguments="%LAUNCHER_ARGS%"
stdoutLogEnabled="false"
stdoutLogFile=".\logs\stdout">
<environmentVariables>
<environmentVariable name="ASPNETCORE_ENVIRONMENT" value="staging" /> <!-- value could be "development", "staging" or "production"-->
</environmentVariables>
</aspNetCore>
For more details, you could refer to this article to learn about ASP.NET Core Module configuration reference
Running ColdFusion 11 (Update 7) and IIS 7.5
My site application/root level web.config:
<configuration>
<system.webServer>
<httpErrors errorMode="Custom" />
</system.webServer>
</configuration>
My nested web.config file, which sits inside /api/eb :
<configuration>
<system.webServer>
<httpErrors errorMode="Detailed" />
</system.webServer>
</configuration>
When I visit a page that sits within the /api/eb sub-directory (e.g. 401.cfm) and trigger a 401 status code the server will return the Custom error handler response. My interpretation from the docs is that the nested web.config file should override the root web.config file but it clearly is not.
I've checked within the IIS applicationhost file and httpErrors overrideModeDefault is set to true. I also tried using a location tag within my root web.config file to do the same thing but it is also ignored unless I set the path to the wildcard character.
I'm out of ideas. Your help will be greatly appreciated. Thank you in advance.
I found this article which seems to explain your question pretty well - How to Use HTTP Detailed Errors in IIS 7.0
Specifically this excerpt:
Security Considerations
A word of caution: For architectural reasons, IIS can only execute the URL if it is located in the same Application Pool. Use the redirect feature to execute a Custom Error in a different Application Pool.
IIS can also return a 302 Redirect to the browser when a particular error occurs. Redirect is good if you have a server farm. For instance, you can redirect all your errors to a central location that you closely monitor.
There is risk however: responseMode="File" (which is the default) allows you to specify every file on the disk. This will not work if you are very security conscious.
A workable scenario might include only allowing the delegation of the errorMode setting. This enables a developer to receive Detailed Errors for his application even if he is using a remote client. All that is necessary is to set errorMode="Detailed". Here is how to configure this scenario:
Allow the delegation of the httpErrors section:
<section name="httpErrors" overrideModeDefault="Allow" />
Second, go to the section in applicationHost.config and change it so that only errorMode is delegated:
<httpErrors lockAllAttributesExcept="errorMode" lockElements="error">
<error statusCode="404" prefixLanguageFilePath="E:\inetpub\custerr" path="404.htm" />
<error statusCode="401" prefixLanguageFilePath="E:\inetpub\custerr" path="401.htm" />
<error statusCode="403" prefixLanguageFilePath="E:\inetpub\custerr" path="403.htm" />
<error statusCode="405" prefixLanguageFilePath="E:\inetpub\custerr" path="405.htm" />
<error statusCode="406" prefixLanguageFilePath="E:\inetpub\custerr" path="406.htm" />
<error statusCode="412" prefixLanguageFilePath="E:\inetpub\custerr" path="412.htm" />
<error statusCode="500" prefixLanguageFilePath="E:\inetpub\custerr" path="500.htm" />
<error statusCode="501" prefixLanguageFilePath="E:\inetpub\custerr" path="501.htm" />
<error statusCode="502" prefixLanguageFilePath="E:\inetpub\custerr" path="502.htm" />
</httpErrors>
Notice that the correct value for the overrideModeDefault attribute is Allow, not true as you mentioned in your question.
This article further explains the overrideModeDefault attribute - Understanding IIS 7.0 Configuration Delegation
Excerpt:
The overrideModeDefault attribute is an optional attribute that defines the locked state of a section. Its available values are either Allow or Deny. The default value is "Allow". All IIS sections that are related to any performance, security or critical aspect of the server are locked with this attribute set to "Deny". If the overrideModeDefault attribute is set to "Deny", then any configuration files at a lower level (i.e. web.config files) that set a value for a property for the specific configuration section are not able to take effect and override the global values. This incurs in a lock violation and an error occurs.
A weird thing happened to my project. I have an Azure WCF project which basically consists of the WebRole and the Azure project. Azure Project contains ServiceDefinition.csdef which in turn contains stuff like endpoint information.
I was playing around in my WebRole and manually set an endpoint there. However, my original issue, due to a stupid user error, did not require this. After I removed the endpoint devinition from web.config, my webrole still gets bound to port 6627 instead of the two endpoints described in my Azure project (80 & 8080). I can't find that port being mentioned anywhere so I'm guessing it is the default.
Here's the part of the web.config that I edited (the removed part is in comments). How do I revert back to getting the configuration from the Azure project?
<system.serviceModel>
<!-- services>
<service name="MyWebRole.MyService" behaviorConfiguration="MyWebRole.BasicUserInformationBehavior">
<endpoint address="" binding="mexHttpBinding" contract="MyWebRole.IMyService"/>
</service>
</services -->
<extensions>
<behaviorExtensions>
<add name="userInformationProcessor" type="MyWebRole.BasicUserInformationBehaviorExtensionElement, MyWebRole, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
</behaviorExtensions>
</extensions>
<bindings />
<client />
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
<userInformationProcessor />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
</endpointBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
[Edit] More information on the subject! The problem is related to compute emulator no longer starting at all! I don't know why the service works then, but I guess it's running it IIS alone.
I think the solution as mentioned in the comment is that you have to set up the Windows Azure project as the startup project not the webrole.
Is there any way I can have IIS 7.0+ (or 7.5+) configured such that for certain paths Request Filtering is completely disabled. That is,
http://host.local/foo/bar.cs
is forbidden (since serving *.cs files is explicitly forbidden in applicationHost.config), but
http://host.local/foo/allow-all/bar.cs
is allowed.
In your allow-all directory, you can create a web.config file with the following configuration:
<configuration>
<system.webServer>
<security>
<requestFiltering>
<fileExtensions>
<remove fileExtension=".cs" />
</fileExtensions>
</requestFiltering>
</security>
<staticContent>
<mimeMap fileExtension=".cs" mimeType="text/plain" />
</staticContent>
</system.webServer>
</configuration>
This configuration removes the .cs extension from the request filtering. Additionally, for IIS to properly serve content, it needs a MIME type, so the .cs extension is added as text/plain.
These changes will also apply to all child directories of allow-all. This configuration works with an Integrated App Pool. Classic may require additional changes since there are HTTP handlers that explicitly disallow .cs as well.