Custom headers ASP.net MVC - asp.net-mvc

I'm trying to serve WebDav requests to create a CalDav server so that users can access our calendar function easily on any device of their choosing.
The problem is in trying to serve any custom headers. I've written a custom ActionResult that sets up any result easily in the right way. Upon a OPTIONS request, which gets recognized, it adds:
response.AppendHeader("Allow", "OPTIONS, PROPFIND, HEAD, GET, REPORT, PROPPATCH, PUT, DELETE, POST");
When I look into the request that the end-user receives the following header appears:
Allow: OPTIONS, TRACE, GET, HEAD, POST
When I then try to do a request with the custom header PROPFIND it simply returns a 404 error. I tried googling but there is not a lot around about this stuff. It's probably something I have to enable or disable.

https://www.iis.net/configreference/system.webserver/httpprotocol/customheaders
please see section How To.
You can do it on multiple ways
IIS
Web.Config
Code : C#, VB.NET, JavaScript

I had to remove the WebDavModule and WebDav handler in the web config. After I had done that it worked perfectly.
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
</handlers>
</system.webServer>

Related

Side effects of disabling WebDAVModule in ASP.NET MVC WebAPI?

In my WebAPI application, I faced similar issue of 405 method not allowed web api
and this issue; Asp.NET Web API - 405 - HTTP verb used to access this page is not allowed - how to set handler mappings
I had to disable WebDAVModule in my web.config like below;
<modules>
<remove name="WebDAVModule"/>
</modules>
<handlers>
<remove name="WebDAV"/>
</handlers>
I do not depend explicitly to this module, but I am just wondering that would disabling this module could create any significant performance/security problems? I checked documentation below, but could not find anything specific to it.
https://learn.microsoft.com/en-us/iis/get-started/whats-new-in-iis-7/what39s-new-for-webdav-and-iis-7

how to call cross domain ajax calls using angular /Jquery

I have a application hosted with domain www.abc.com .This is actually WebApi application . I want to build a separate UI application using asp.net mvc, and its domain is www.xyz.com.
The UI application consuming Angular,HTML5 and other Web technologies.Here i really need to perform GET,PUT,POST,DELETE against www.abc.com. unfortunately the limitation of jsonp , i like to choose CORS (HTML5 Cors), but i can't pass json object to CORS calls . what are the best possible best approach to call cross domain calls (GET,PUT,POST,DELETE) using angularJs with my problem scenario . What should i change in IIS to handle CORS request.
add below web.config in webapi
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
</system.webServer>
and in angular, set below config options for $http
header("Access-Control-Allow-Credentials: true");
header("Access-Control-Allow-Origin: http://url.com:8080");
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization");
also check: this link
To enable cross domain ajax calls you can place crossdomain.config in asp.net web api root folder when published with following contents.
<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*"/>
</cross-domain-policy>

MVC site deployed on Azure returns error when accessing elmah

I have an MVC WebAPI site that has the latest ELMAH.MVC NuGet package installed. Under Visual Studio, I can access
http://localhost:1234/elmah
and get the error log, just like I'm supposed to be able to.
When I deploy it to Azure, it throws an error when I do that. Fortunately, Elmah is logging the error to the XmlError log in App_Data, and I found this:
<error errorId="92ad3ee1-3fd5-449a-8cb4-0474aa771aab"
application="/LM/W3SVC/417796901/ROOT"
host="RD00155D430783" type="System.Web.HttpException"
message="Server cannot set status after HTTP headers have been sent."
source="System.Web"
detail="System.Web.HttpException (0x80004005): Server cannot set status after HTTP headers have been sent.
And then goes on for many lines of stack trace, NONE of which comes anywhere near my code.
What's going on? I've just added the Elmah.MVC nuget package, and made the following changes to the Web.Config
<elmah>
<security allowRemoteAccess="yes"/>
<errorLog type="Elmah.XmlFileErrorLog, Elmah" logPath="~/App_Data" />
</elmah>
<location path="elmah.axd">
<system.web>
<allow roles="*" />
</system.web>
</location>
It's not coming anywhere near any of my controllers, so I don't have any control over when Http status headers are set or sent.
Thanks for any help.
itanex is right! Put an empty text file (i.e. placeholder.txt) in the App_Data folder and mark it as "Content" and "Always Copy" - This will ensure that the App_Data folder is getting created. Also, as Simon point out, the correct path (based on your config) is /elmah.axd
via https://stackoverflow.com/a/11680786/1037948:
Allow remote access:
<elmah>
<security allowRemoteAccess="true"/>
</elmah>

MVC 4. IIS 7.5 PUT returning 405

I'm trying to use PUT in an MVC 4 application and I'm getting a 405 error.
In my routing I have a constraint on the route to allow PUT and POST, POST to the endpoint works, PUT fails with a 405.
I've followed the advice here ASP.NET Web API returns 404 for PUT only on some servers and here ASP.NET MVC got 405 error on HTTP DELETE request?
I've also deleted WeDAV from IIS, but I'm still getting the 405. Anybody have any other suggestions?
I'm also having exactly the same issue on IIS 8 (with Visual Studio 2012), for that I've followed this advice ASP.NET Web API - PUT & DELETE Verbs Not Allowed - IIS 8 and still no luck
My hosting provider could NOT uninstall WebDAV as this would affect everyone.
This, runAllManagedModulesForAllRequests="true" , worked but was not recommended.
Many fixes included removing the module for WebDAVModule but that still didn't work. I removed the handler also, and finally I could use all verbs POST GET PUT DELETE.
Remove WebDAVModule and WebDAV in modules and handlers.
<modules>
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
</handlers>
As I said above I'm using the WebAPI and it appears that the WebAPI is 'fussy' over which verbs map to which methods. I ended up having to add the [HttpXXX] attributes (HttpPut, Get, Delete and Post) to the appropriate methods to get the routing to work as I expected it to.
Putting my 2 cents in... Clicking on my site under iis showed 'WebDAV Authoring Rules' as the last entry under 'IIS'. Double-clicking on that showed 'The WebDAV feature has been disabled.' alert on the right and there was a link for 'Enable WebDAV' but it still didn't work. I followed Stanomatic's suggestion above, the handlers section didn't matter, and my modules looked like this:
<modules runAllManagedModulesForAllRequests="true" />
I just added the remove in it and that fixed my problem:
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule" />
</modules>

ASP.NET MVC got 405 error on HTTP DELETE request?

I'm trying to pass the DELETE to a URL in asp.net MVC using JavaScript but however i always got 405 Method not allow return.
is there anyway to make this work?
FYI: I've put the [AcceptVerb(HttpVerb.Delete)] attribute on my controller.
DELETE /post/delete/8
this is the request
It was frustrating to me too. It is because WebDAVModule is installed by default on IIS 7.5. By removing the module, you can get rid of this frustrating restriction. Simply,
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule"/> <- add this
from http://shouldersofgiants.co.uk/Blog/post/2009/11/27/HTTP-Error-405-With-ASPNet-MVC-and-HTTP-PUT-on-IIS-75.aspx
You should check the web.config (if using IIS7, else the IIS manager for IIS6 and below) to make sure the DELETE verb is mapped to the MCV request handler.

Resources