Start Free Trial

asked on

405 - HTTP verb used to access this page is not allowed

We are in the process of moving our Intranet from a machine running Windows Server 2003 to a virtual machine running Windows Server 2012 R2. The Intranet was created by a vendor who is no longer in business. Most of it consist of classic asp pages and for the most part it runs fine on the new machine.

It has a asp page with a form on it that should allows users to upload files. It works on the old server but not on the new one. On the new one we get the error in the title of this post. The pertinent HTML code is below.

<form method="POST" action="upload_action.aspx?folder=<%=request("folder")%>"enctype="multipart/form-data">
<input type="FILE" name="FILE1" size="50"/>
<input type="SUBMIT" value="Upload"/>
</form>

It should post to a aspx file but it never gets there. As soon as the button is click the error page comes up.

In IIS under Request Filtering for the Default Web Site in the HTTP Verbs tab I've added the verb "POST" and set Allowed to "True"

On the File Name Extension tab I've added ".aspx" and set allowed to true.

Any suggestions would be greatly appreciated.

a similar question was asked here:

https://www.experts-exchange.com/questions/22133787/HTTP-Error-405-The-HTTP-verb-used-to-access-this-page-is-not-allowed.html

can you confirm the steps taken here match what you've done?

ASKER

Not really as I'm dealing with IIS 8 and those instructions are for an earlier version of IIS so I'm not sure if I've don't exactly what was suggested but as I said in my question I went into IIS under Request Filtering for the Default Web Site in the HTTP Verbs tab I've added the verb "POST" and set Allowed to "True". There are no other verbs listed there but under Alerts it says that no other verbs are blocked. Do I need to add other verbs even though Post is what the code is using?

In the Edit Request Filtering Settings for the Post verb I added it has the Max allowed content length as 30000000, Max URL length as 4096 and the Max query string as 2048.

ASKER

I saw that article as well and no WebDav is not installed.

The delete verb is not explicitly allowed but it is not blocked either.

did you try explicitly allowing it?

ASKER

I did just now but with the same results.

can you provide a screen shot of all of your verbs that are listed?

also, if you post to a regular old asp page using the code above,, I assume it works?

Did you add permissions for the folder to accept the file?

Was the old site using a dll that needs to be registered?

ASKER

Hello Big Monty,

I tried modifying the code so it post to an asp page in the same folder. It didn't do anything because the page didn't have the code in it but it didn't throw an error either.

I've attached a screen shot of the verbs.
RequestFiltering.jpg

ASKER

I was mistaken. While doing the test with the regular asp page I had inadvertavtly gone to the old server. When I redid the test on the correct server I get a, "http 500 The website cannot display the page" error.

off to a doc appt, so I'll respond later this afternoon, but quick question, can you get the exact error message? this involves going to IIS and making sure "send errors to browser" is checked in the ASP section

also, can you provide a screen shot of the verbs of the old server as well? I havent looked at the one you provided but maybe it'll reveal something

ASKER

I've attached a screen shot of the old server verbs. I all set "Send Errors To Browser" to true but it doesn't give much more. The complete error message is:

405 - HTTP verb used to access this page is not allowed.
The page you are looking for cannot be displayed because an invalid method (HTTP verb) was used to attempt access.
OldServerVerbs.jpg

try adding verbs for GET, HEAD, and DEBUG, so that it matches the old server

ASKER

I added the three extra verbs but it didn't have any impact.

did you restart IIS?

ASKER

I had not initially but I just did and still the same results.

ASKER

Scott,

I'm sorry it took so long for me to get back to you. The asp application is running under the Classic ASP application pool identity which has permissions on the folder and just to test it out I gave it full control.

In regard to your other question, no there is no dll on the old server that had to be registered.

ASKER

Just to clarify a point, the folder that the file is supposed to be uploaded to is a sub-folder of the folder the asp and aspx files are in.

not sure I'm clear on that last statement...

your form code is

<form method="POST" action="upload_action.aspx?folder=<%=request("folder")%>"enctype="multipart/form-data">

is upload_action.aspx in the same folder as the calling page?

ASKER

Yes

in your original question, you said

On the File Name Extension tab I've added ".aspx" and set allowed to true.

do you have one for asp as well?

ASKER

I did not but I do know. Unfortunately I still get the same error.

I'm pretty stumped here, we've listed all of the verbs needed, you have an actual page name specified in your code (if you had just a folder, it would error). you're positive WebDav is not installed, correct? Not just disabled but completely gone from the system (it would be unchecked when you go to Add/Remove Windows Components)?

is the page public?

ASKER

Good morning,

If it is morning wherever you are. Yes WebDav is not installed. If you look in the attachment you'll see a screen shot of the "Remove Roles and Features Wizard".

ASKER

Here is the attachment.
WebDav.jpg

ASKER CERTIFIED SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

I tried moving the files to the root but had the same result. The page is on an internal Intranet so I can't give you a link to it but here is the code:

<%
if request("folder") <> "" then
	strFolder = replace(request("folder"), "%20", " ")
else
	response.redirect("myfolders.asp")
end if

FolderPath = "e:\websites\PeopleNET\FileShare\Files\" & strFolder

if request("DelFile") <> "" then
	Set fso = CreateObject("Scripting.FileSystemObject")
	Set fileObject = fso.GetFile(FolderPath & "\" & request("DelFile"))
	fileObject.Delete
end if

%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>My Folders</title>
<style>
BODY
{
    BACKGROUND-COLOR: #FFFFFF
}
TD
{
    FONT-WEIGHT: normal;
    FONT-SIZE: 10pt;
    COLOR: #000000;
    FONT-FAMILY: Verdana,Tahoma,Arial,Helvetica
}
.formClass
{
    BACKGROUND-COLOR: #FFFFFF;
    FONT-WEIGHT: normal;
    FONT-SIZE: 10pt;
    COLOR: black;
    FONT-FAMILY: Verdana,Tahoma,Arial,Helvetica
}
.lightRow {
	BACKGROUND-COLOR: #fafafa
}
.darkRow {
	BACKGROUND-COLOR: #ededed
}
.titleRow {
	BACKGROUND-COLOR: white
}
.loginRow {
	border: black solid 1px;
	BACKGROUND-COLOR: black
}
.boldText
{
    FONT-WEIGHT: bold
}
A
{
    FONT-WEIGHT: bold;
    COLOR: black;
    TEXT-DECORATION: none
}
A:hover
{
    COLOR: red;
    TEXT-DECORATION: none
}
A:visited
{
    TEXT-DECORATION: none
}
A:active
{
    TEXT-DECORATION: none
}
</style>
</head>

<body>
  <TABLE cellSpacing=0 cellPadding=2 width="100%" border=0>
    <TBODY>
      <TR class=lightRow height=60>
        <TD height="60" colspan="2"><DIV style="FONT-SIZE: 12pt">
          <table width="100%"  border="0" cellspacing="0" cellpadding="0">
            <tr>
              <td width="83%">&nbsp;&nbsp;<img height=27 src="./images/folder_open_big.png"
width=32 align=absMiddle border=0>&nbsp;<span class=boldText><%=strFolder%></span> </td>
              <td width="17%" valign="middle"><div align="right"><a href="login.asp"><img src="images/logout.gif" align=absMiddle width="16" height="16" border="0"></a> <a href="login.asp">Logout&nbsp;&nbsp;</a></div></td>
            </tr>
          </table>
        </DIV></TD>
      </TR>
      <TR class=titleRow>
        <TD>&nbsp;&nbsp;</TD>
      </TR>
      <TR>
        <TD>
          <table width="100%" border="0" cellspacing="0" cellpadding="3">
		  <tr>
		  <td width="50%"><b>Name</b></td>
		  <td width="23%"><b>Size</b></td>
		  <td width="23%"><b>Date</b></td>
		  <td width="25">&nbsp;</td>
		  </tr>
		  <% BGColor = "darkRow" %>
		  <tr class="<%=BGColor%>">
		  <TD>&nbsp;<IMG src='./images/folder_up.png' align=absMiddle border=0>&nbsp;<a href="MyFolders.asp">Back to My Folders</a></TD>
		  <td></td>
		  <td></td>
		  <td></td>
		  </tr>
            
<%

Set fso = CreateObject("Scripting.FileSystemObject") 
Set folder = fso.getFolder(FolderPath)
Set files = folder.Files 

For Each file in Files 
		
	IF BGColor = "darkRow" THEN
		BGColor = "lightRow"
	ELSE
		BGColor = "darkRow"
	END IF

	Response.Write "<TR class=" & BGColor & ">" & vbNewLine
	Response.Write "<TD>&nbsp;&nbsp;&nbsp;&nbsp;<IMG src='./images/file.png' align=absMiddle border=0>&nbsp;<a href='files/" & strFolder & "/" & file.Name & "'>" & file.Name & "</a></TD>" & vbNewLine
	Response.Write "<TD>" & file.Size & "&nbsp;bytes</TD>" & vbNewLine
	Response.Write "<TD>" & file.DateCreated & "&nbsp;</TD>" & vbNewLine
	Response.Write "<TD><a href='browse_folder.asp?folder=" & request("folder") & "&DelFile=" & file.Name & "'><IMG src='./images/delete.png' border='0'></a>&nbsp;</TD>" & vbNewLine
	Response.Write "</TR>" & vbNewLine
	
Next 

Set files = folder.Files 
Set file = Nothing 
Set fso = Nothing 
%>

          </table></TD>
      </TR>
      <TR class=titleRow>
        <TD colSpan=2>&nbsp;</TD>
      </TR>
	        <TR class=lightRow height=60>
        <TD height="60" colspan="2"><DIV style="FONT-SIZE: 12pt">
          <table width="100%"  border="0" cellspacing="0" cellpadding="0">
            <tr>
              <td><strong>Upload a File:</strong></td>
            </tr>
            <tr>
              <td width="83%">  
                
                <form method="post" action="upload_action.aspx?folder=<%=request("folder")%>" enctype="multipart/form-data">
                    <input type="file" name="FILE1" size="50"/>
                    <input type="submit" value="Upload"/>
                </form>
              </td>
             </tr>
          </table>
        </DIV></TD>
      </TR>
    </TBODY>
  </TABLE>

</body>
</html>

Open in new window

This is the code to the upload_action.aspx file:

<%
    Try
        If Request.Files.Count = 1 AndAlso Not Request.Files(0).FileName Is Nothing AndAlso Request.Files(0).FileName <> "" Then
            Dim l_sFileName As String


            l_sFileName = Server.MapPath("./Files/" & Request.QueryString("folder") & "/" & System.IO.Path.GetFileName(Request.Files(0).FileName))

            If System.IO.File.Exists(l_sFileName) Then
                System.IO.File.Delete(l_sFileName)
            End If

            Request.Files(0).SaveAs(l_sFileName)
        End If

        Response.Redirect("browse_folder.asp?folder=" & Request.QueryString("folder"))

    Catch ex As Exception
        Response.Write(ex.ToString)
    End Try

%>

Open in new window

ASKER

I found the problem. In IIS the app the page is running under was in the Classic ASP application pool instead of the .net v 2.0 application pool.

ASKER

As you spent consierable time trying to help me through this issue the points are yours.

that's great, glad you got it working!!!