Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

C# ASPX - 404 error when HTML is passed to a dynamic page.

Posted on 2010-11-13
10
857 Views
Last Modified: 2012-05-10
IIS 7:  I'm trying not to touch the Machine config file if I don't have to for this, but if that is the only way...

In my site (.NET 4.0, C#, ASP.NET, IIS7) I only have a single page called dynamic.aspx.  I presently have the 404 error redirected to it:
...
    <customErrors mode="On" redirectMode="ResponseRewrite" >
      <error statusCode="404" redirect="dynamic.aspx" />
...
My site successfully reads the attempted page, and looks up the content in a DB to display.


:::PROBLEM:::

Forms work normally, I can login, I can edit content through form editor, BUT when I include HTML content, like a BR or HR tag, or any HTML code, I get a 404 error.  

I don't want to change the IIS configuration, because I would like to run this on a shared hosting server, instead of having to pay for something more dedicated.  (if needed, it can be done, but I really want a cheaper solution)

:::Direction:::
I believe that IIS has a protection in place for blocking HTML code submitted through forms.  And when that protection is fired, it is no longer using the Web.Config's 404 information.  

Any ideas?
0
Comment
Question by:hpdvs2
  • 5
  • 4
10 Comments
 
LVL 16

Expert Comment

by:BurnieP
ID: 34128405
You can try adding ValidateRequest="false" to the <@Page directives:

<%@ Page Language="C#" ValidateRequest="false" AutoEventWireup="true" CodeBehind="~/Default.aspx.cs" Inherits="Sample._Default" %>
0
 
LVL 29

Expert Comment

by:David H.H.Lee
ID: 34128428
Hi hpdvs2,
If you want to submitted HTML code related post via form editor, you need to turn off validateRequest property. But, you need to aware of this allowed script for system vulnerability issue.
eg:
<%@ Page Language="VB" ValidateRequest="false" %>

Check this for more details:
http://www.asp101.com/articles/john/textedit/default.asp 
0
 
LVL 8

Author Comment

by:hpdvs2
ID: 34128948
Thanks, but neither of these solutions repaired this problem.  I still get the default 404 error page showing up.  The problem is that the page is not even getting contacted.  

Nothing in the code gets touched.  It is showing the html 404 page, instead of getting to the actual dynamic.aspx (my 404) page.
0
How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

 
LVL 16

Expert Comment

by:BurnieP
ID: 34129017
If you are accessing an .aspx page and you really have customerror section defined in the web.config, it will redirect to the custom page you have defined there.

I am guessing that you are trying to access a page with a different extension, hence why asp.net doesn't know, and is not redirecting you.  If you want to enable redirection to a custom page from a non-.aspx file, you will need to edit the configuration of your website in IIS.

I am copy pasting an explanation how to do it from : http://forums.asp.net/p/1317222/2610063.aspx 
They are talking about the same kind of error you have.  I hope it helps.

This is because ASP.NET never even knows that there has been a request for the .htm page. IIS will handle .htm pages by itself without involving ASP.NET at all.

You can get your custom page to show in one of two ways:

1.Get ASP.NET to process .htm pages: In IIS rightclick your website/virtual directory --> properties --> home directory/virtual directory tab --> "configuration" button under the "application settings" section --> Add the mapping.
2.Set the custom error page for IIS: In IIS rightclick your website/virtual directory --> properties --> custom errors tab --> set the 404 error to the page your error page.


0
 
LVL 8

Author Comment

by:hpdvs2
ID: 34129809
Thanks, but I believe you missed part of the explanation.  The 404 redirection works.  

All pages correctly display the dynamic.aspx page.  (hidden behind the original URL.)

Form submits also work against them.  

And I have also tried messing with IIS, exactly as you have suggested, to make sure I didn't miss anything.

The problem is specifically when HTML tags are included in the form submission.

When that happens, I get one of the default 404 errors, instead of my dynamic aspx page (as I normally get)
0
 
LVL 16

Expert Comment

by:BurnieP
ID: 34131502
Ok,

I think I understand your question now.  It would be error 500 and not 404.

You will need to add :

    <customErrors mode="On" redirectMode="ResponseRewrite" >
      <error statusCode="404" redirect="dynamic.aspx" />
      <error statusCode="500" redirect="dynamic.aspx" />
0
 
LVL 8

Author Comment

by:hpdvs2
ID: 34131543
Thanks, thats the same answer I got on a repost, but allow me to show you the error page I'm getting:

Server Error in '/LbpSite2' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable.  Please review the following URL and make sure that it is spelled correctly.

Requested URL: /LbpSite2/Content Editor.aspx
0
 
LVL 8

Author Comment

by:hpdvs2
ID: 34131554
I just tried adding the 500 error as well and refreshing the server, and I'm still receiving the same problem.
0
 
LVL 16

Accepted Solution

by:
BurnieP earned 500 total points
ID: 34133655
Hi hpdvs2,

One last thing.. do you have a ErrorPage directive defined in your @Page directives?  Maybe it is trying to open that page and it doesn't find it.

:)
0
 
LVL 8

Author Comment

by:hpdvs2
ID: 34138968
An answer did come in, from BurnieP
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Any business that wants to seriously grow needs to keep the needs and desires of an international audience of their websites in mind. Making a website friendly to international users isn’t prohibitively expensive and can provide an incredible return…
Does your audience prefer people in photos or no people? How can you best highlight what you’re selling? What are your competitors doing, and what can you do that is different and unique from them?  Continue reading to learn how to make your images …
This tutorial demonstrates how to identify and create boundary or building outlines in Google Maps. In this example, I outline the boundaries of an enclosed skatepark within a community park.  Login to your Google Account, then  Google for "Google M…
The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question