Is it possible to rewrite url using ColdFusion? - url

I have got a requirement for generating user friendly urls.I am on IIS.
My dynamic URLs looks like,
www.testsite.com/blog/article.cfm?articleid=4432
Client wants the urls should look like
www.testsite.com/blog/article_title
I know this can be easily done using IIS URL rewiter 2.0.
But the Client wants to do it using ColdFusion only. Basic idea he given like,
User will hit the url www.testsite.com/blog/article_title
I need to fetch the article id using the article_title in the url.
Using the ID to call the article.cfm page and load the output into cfsavecontent and then deliver that output to the browser.
But I do not think its possible at application server level. How IIS will understand our user friendly urls . OR am I missing something important? Is it possible to do it using ColdFusion at application server level?

First, I hate to recommend reinventing the wheel. Webservers do this and do this well.
Cold Fusion can do something like this with #cgi.path_info#. You can jump through some hoops as Adam Tuttle explains here: Can I have 'friendly' url's without a URL rewriter in IIS?.
Option #2: My Favorite: OnMissingTemplate..
Only available to users of Application.cfc (I'm pretty sure .cfm has no counterpart to onMissingTemplate).
You can use this function within application.cfc and all affected pages will throw any "missing" urls at this event. You can then place
<cffunction name="onMissingTemplate">
<cfargument name="targetPage" type="string" required=true/>
<!--- Use a try block to catch errors. --->
<cftry>
<cfset local.pagename = listlast(cgi.script_name,"/")>
<cfswitch expression="#listfirst(cgi.script_name,"/")#">
<cfcase value="blog">
<cfinclude template="mt_blog.cfm">
<cfreturn true />
</cfcase>
</cfswitch>
<cfreturn false />
<!--- If no match, return false to pass back to default handler. --->
<cfcatch>
<!--- Do some error logging here --->
<cfreturn false />
</cfcatch>
</cftry>
</cffunction>
mt_blog.cfm can have contents like, if your url is say just like /blog/How-to-train-your-flea-circus.cfm
<!--- get everything after the slash and before the dot --->
<cfset pagename = listfirst(listlast(cgi.script_name,"/"),".")>
<!--- you may probably cache queries blog posts --->
<cfquery name="getblogpost">
select bBody,bTitle,bID
from Blog
where urlname = <cfqueryparam cfsqltype="cf_sql_varchar" value="#pagename#">
</cfquery>
<!--- This assumes you will have a field, ex: urlname, that has a url-friendly format to match
to. The trouble is that titles are generically, in most blogs, changing every special char
to - or _, so it's difficult to change them back for this sort of comparison, so an add'l
db field is probably best. It also makes it a little easier to make sure no two blogs have
identical (after url-safe-conversion) titles. --->
...
Or if you use a url like /blog/173_How-to-train-your-flea-circus.cfm (where 173 is a post ID)
<!--- get everything after the slash and before the dot --->
<cfset pageID = listfirst(listlast(cgi.script_name,"/"),"_")>
<!--- you may probably cache queries blog posts --->
<cfquery name="getblogpost">
select bBody,bTitle,bID
from Blog
where bID = <cfqueryparam cfsqltype="cf_sql_integer" value="#pageID#">
</cfquery.
...

I don't recommend using a missing file handler (or CF's onMissingTemplate). Otherwise IIS will return a 404 status code and your page will not be indexed by search engines.
What you need to do is identify a unique prefix pattern you want to use and create a web.config rewrite rule. Example: I sometimes use "/detail_"+id for product detail pages.
You don't need to retain a physical "/blog" sub-directory if you don't want to. Add the following rewrite rule to the web.config file in the web root to accept anything after /blog/ in the URL and interpret it as /?blogtitle=[everythingAfterBlog]. (I've added an additional clause in case you want to continue to support /blog/article.cfm links.)
<rules>
<rule name="Blog" patternSyntax="ECMAScript" stopProcessing="true">
<match url="blog/(.*)$" ignoreCase="true" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{SCRIPT_FILENAME}" matchType="IsFile" negate="true" />
<add input="{PATH_INFO}" pattern="^.*(blog/article.cfm).*$" negate="true" />
</conditions>
<action type="Rewrite" url="/?blogtitle={R:1}" appendQueryString="true" />
</rule>
</rules>
I recommend using a "301 Redirect" to the new SEO-friendly URL. I also advise using dashes (-) between word fragments and ensure that the character case is consistent (ie, lowercase) or you could get penalized for "duplicate content".

To add to what cfqueryparam suggested, this post on Using ColdFusion to Handle 404 errors shows how to replace the web server's 404 handler with a CFM script - giving you full rewrite capabilities. It is for an older version of IIS, but you should be able to find the proper settings in the IIS version you are using.
As Adam and other's have said (and the same point is made in the post) this is not something you should do if you can avoid it. Web servers working at the HTTP level are much better equipped to do this efficiently. When you rely on CF to do it you are intentionally catching errors that are thrown in order to get the behavior you want. That's expensive and unnecessary. Typically the issue with most clients or stakeholders is a simple lack of understanding or familiarity with technology like url rewriting. See if you can bend them a little. Good luck! :)

Related

Best approach to intermittent "the nonce was null" error

I have an ASP.NET application that validates the user using a separate identity provider (using the OpenID Connect protocol.)
Users are complaining of an itermittent error:
Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolInvalidNonceException: IDX21323: RequireNonce is '[PII is hidden]'. OpenIdConnectProtocolValidationContext.Nonce was null, OpenIdConnectProtocol.ValidatedIdToken.Payload.Nonce was not null. The nonce cannot be validated. If you don't need to check the nonce, set OpenIdConnectProtocolValidator.RequireNonce to 'false'. Note if a 'nonce' is found it will be evaluated.
Users experience this error, then discover if they try the login process again it works.
I can reproduce this error by initiating the login process, and while on the identity provider page, clearing the cookie prefixed with OpenIdConnect.nonce.
The error messages suggests setting OpenIdConnectProtocolValidator.RequireNonce to false. I believe this to be an unsatisfactory solution, because it would make the site vulnerable to replay attacks.
Is there a "best practice" way for the website to gracefully deal with this error?
Sometimes the inelegant solution is all you need.
I just display an error, and ask the user to try again.
I suspect the typical user will read the words "Sign In Error", read half of the first sentence, and then click on the button without a second thought.
We thought ours was an intermittent problem but it turned out to be just links coming from Office applications like Word, Excel, PowerPoint. I added a rewrite rule to the web.config file and the error immediately went away:
<rule name="WordBypass" enabled="true" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_USER_AGENT}" pattern="Word|Excel|PowerPoint|ms-office" />
</conditions>
<action type="CustomResponse" statusCode="200" statusReason="Refresh" statusDescription="Refresh" />
</rule>

HTTP Error 404.0 - Not Found on action in controller. MVC [duplicate]

I have a project that requires my URLs have dots in the path. For example I may have a URL such as www.example.com/people/michael.phelps
URLs with the dot generate a 404. My routing is fine. If I pass in michaelphelps, without the dot, then everything works. If I add the dot I get a 404 error. The sample site is running on Windows 7 with IIS8 Express. URLScan is not running.
I tried adding the following to my web.config:
<security>
<requestFiltering allowDoubleEscaping="true"/>
</security>
Unfortunately that didn't make a difference. I just receive a 404.0 Not Found error.
This is a MVC4 project but I don't think that's relevant. My routing works fine and the parameters I expect are there, until they include a dot.
What do I need to configure so I can have dots in my URL?
I got this working by editing my site's HTTP handlers. For my needs this works well and resolves my issue.
I simply added a new HTTP handler that looks for specific path criteria. If the request matches it is correctly sent to .NET for processing. I'm much happier with this solution that the URLRewrite hack or enabling RAMMFAR.
For example to have .NET process the URL www.example.com/people/michael.phelps add the following line to your site's web.config within the system.webServer / handlers element:
<add name="ApiURIs-ISAPI-Integrated-4.0"
path="/people/*"
verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS"
type="System.Web.Handlers.TransferRequestHandler"
preCondition="integratedMode,runtimeVersionv4.0" />
Edit
There are other posts suggesting that the solution to this issue is RAMMFAR or RunAllManagedModulesForAllRequests. Enabling this option will enable all managed modules for all requests. That means static files such as images, PDFs and everything else will be processed by .NET when they don't need to be. This options is best left off unless you have a specific case for it.
After some poking around I found that relaxedUrlToFileSystemMapping did not work at all for me, what worked in my case was setting RAMMFAR to true, the same is valid for (.net 4.0 + mvc3) and (.net 4.5 + mvc4).
<system.webserver>
<modules runAllManagedModulesForAllRequests="true">
Be aware when setting RAMMFAR true Hanselman post about RAMMFAR and performance
I believe you have to set the property relaxedUrlToFileSystemMapping in your web.config. Haack wrote an article about this a little while ago (and there are some other SO posts asking the same types of question)
<system.web>
<httpRuntime relaxedUrlToFileSystemMapping="true" />
Edit
From the comments below, later versions of .NET / IIS may require this to be in the system.WebServer element.
<system.webServer>
<httpRuntime relaxedUrlToFileSystemMapping="true" />
I got stuck on this issue for a long time following all the different remedies without avail.
I noticed that when adding a forward slash [/] to the end of the URL containing the dots [.], it did not throw a 404 error and it actually worked.
I finally solved the issue using a URL rewriter like IIS URL Rewrite to watch for a particular pattern and append the training slash.
My URL looks like this: /Contact/~firstname.lastname so my pattern is simply: /Contact/~(.*[^/])$
I got this idea from Scott Forsyth, see link below:
http://weblogs.asp.net/owscott/handing-mvc-paths-with-dots-in-the-path
Just add this section to Web.config, and all requests to the route/{*pathInfo} will be handled by the specified handler, even when there are dots in pathInfo. (taken from ServiceStack MVC Host Web.config example and this answer https://stackoverflow.com/a/12151501/801189)
This should work for both IIS 6 & 7. You could assign specific handlers to different paths after the 'route' by modifying path="*" in 'add' elements
<location path="route">
<system.web>
<httpHandlers>
<add path="*" type="System.Web.Handlers.TransferRequestHandler" verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" />
</httpHandlers>
</system.web>
<!-- Required for IIS 7.0 -->
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add name="ApiURIs-ISAPI-Integrated-4.0" path="*" type="System.Web.Handlers.TransferRequestHandler" verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
</location>
MVC 5.0 Workaround.
Many of the suggested answers doesn't seem to work in MVC 5.0.
As the 404 dot problem in the last section can be solved by closing that section with a trailing slash, here's the little trick I use, clean and simple.
While keeping a convenient placeholder in your view:
#Html.ActionLink("Change your Town", "Manage", "GeoData", new { id = User.Identity.Name }, null)
add a little jquery/javascript to get the job done:
<script>
$('a:contains("Change your Town")').on("click", function (event) {
event.preventDefault();
window.location.href = '#Url.Action("Manage", "GeoData", new { id = User.Identity.Name })' + "/";
});</script>
please note the trailing slash, that is responsible for changing
http://localhost:51003/GeoData/Manage/user#foo.com
into
http://localhost:51003/GeoData/Manage/user#foo.com/
Super easy answer for those that only have this on one webpage. Edit your actionlink and a + "/" on the end of it.
#Html.ActionLink("Edit", "Edit", new { id = item.name + "/" }) |
Depending on how important it is for you to keep your URI without querystrings, you can also just pass the value with dots as part of the querystring, not the URI.
E.g. www.example.com/people?name=michael.phelps will work, without having to change any settings or anything.
You lose the elegance of having a clean URI, but this solution does not require changing or adding any settings or handlers.
You might want to think about using dashes instead of periods.
In Pro ASP MVC 3 Framework they suggest this about making friendly URLs:
Avoid symbols, codes, and character sequences. If you want a word
separator, use a dash (/my-great-article). Underscores are unfriendly,
and URL-encoded spaces are bizarre (/my+great+article) or disgusting
(/my%20great%20article).
It also mentions that URLs should be be easy to read and change for humans. Maybe a reason to think about using a dash instead of a dot also comes from the same book:
Don't use file name extensions for HTML pages (.aspx or .mvc), but do use them for specialized file types (.jpg, .pdf, .zip, etc). Web browsers don't care about file name extensions if you set the MIME type appropriately, but humans still expect PDF files to end with .pdf
So while a period is still readable to humans (though less readable than dashes, IMO), it might still be a bit confusing/misleading depending on what comes after the period. What if someone has a last name of zip? Then the URL will be /John.zip instead of /John-zip, something that can be misleading even to the developer that wrote the application.
Would it be possible to change your URL structure?
For what I was working on I tried a route for
url: "Download/{fileName}"
but it failed with anything that had a . in it.
I switched the route to
routes.MapRoute(
name: "Download",
url: "{fileName}/Download",
defaults: new { controller = "Home", action = "Download", }
);
Now I can put in localhost:xxxxx/File1.doc/Download and it works fine.
My helpers in the view also picked up on it
#Html.ActionLink("click here", "Download", new { fileName = "File1.doc"})
that makes a link to the localhost:xxxxx/File1.doc/Download format as well.
Maybe you could put an unneeded word like "/view" or action on the end of your route so your property can end with a trailing / something like /mike.smith/view
As solution could be also considering encoding to a format which doesn't contain symbol., as base64.
In js should be added
btoa(parameter);
In controller
byte[] bytes = Convert.FromBase64String(parameter);
string parameter= Encoding.UTF8.GetString(bytes);
It's as simple as changing path="." to path="". Just remove the dot in the path for ExensionlessUrlHandler-Integrated-4.0 in web.config.
Here's a nice article https://weblog.west-wind.com/posts/2015/Nov/13/Serving-URLs-with-File-Extensions-in-an-ASPNET-MVC-Application
Tried all the solutions above but none of them worked for me. What did work was I uninstalling .NET versions > 4.5, including all its multilingual versions; Eventually I added newer (English only) versions piece by piece. Right now versions installed on my system is this:
2.0
3.0
3.5 4
4.5
4.5.1
4.5.2
4.6
4.6.1
And its still working at this point. I'm afraid to install 4.6.2 because it might mess everything up.
So I could only speculate that either 4.6.2 or all those non-English versions were messing up my configuration.
I was able to solve my particular version of this problem (had to make /customer.html route to /customer, trailing slashes not allowed) using the solution at https://stackoverflow.com/a/13082446/1454265, and substituting path="*.html".
Add URL Rewrite rule to Web.config archive. You need to have the URL Rewrite module already installed in IIS. Use the following rewrite rule as inspiration for your own.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Add trailing slash for some URLs" stopProcessing="true">
<match url="^(.*(\.).+[^\/])$" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Redirect" url="{R:1}/" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
Also, (related) check the order of your handler mappings. We had a .ashx with a .svc (e.g. /foo.asmx/bar.svc/path) in the path after it. The .svc mapping was first so 404 for the .svc path which matched before the .asmx.
Havn't thought too much but maybe url encodeing the path would take care of this.
This is the best solution I have found for the error 404 on IIS 7.5 and .NET Framework 4.5 environment, and without using: runAllManagedModulesForAllRequests="true".
I followed this thread: https://forums.asp.net/t/2070064.aspx?Web+API+2+URL+routing+404+error+on+IIS+7+5+IIS+Express+works+fine and I have modified my web.config accordingly, and now the MVC web app works well on IIS 7.5 and .NET Framework 4.5 environment.
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Web;
using System.Web.Mvc;
namespace WebApplication1.Controllers
{
[RoutePrefix("File")]
[Route("{action=index}")]
public class FileController : Controller
{
// GET: File
public ActionResult Index()
{
return View();
}
[AllowAnonymous]
[Route("Image/{extension?}/{filename}")]
public ActionResult Image(string extension, string filename)
{
var dir = Server.MapPath("/app_data/images");
var path = Path.Combine(dir, filename+"."+ (extension!=null? extension:"jpg"));
// var extension = filename.Substring(0,filename.LastIndexOf("."));
return base.File(path, "image/jpeg");
}
}
}

Dots in URL causes 404 with ASP.NET mvc and IIS

I have a project that requires my URLs have dots in the path. For example I may have a URL such as www.example.com/people/michael.phelps
URLs with the dot generate a 404. My routing is fine. If I pass in michaelphelps, without the dot, then everything works. If I add the dot I get a 404 error. The sample site is running on Windows 7 with IIS8 Express. URLScan is not running.
I tried adding the following to my web.config:
<security>
<requestFiltering allowDoubleEscaping="true"/>
</security>
Unfortunately that didn't make a difference. I just receive a 404.0 Not Found error.
This is a MVC4 project but I don't think that's relevant. My routing works fine and the parameters I expect are there, until they include a dot.
What do I need to configure so I can have dots in my URL?
I got this working by editing my site's HTTP handlers. For my needs this works well and resolves my issue.
I simply added a new HTTP handler that looks for specific path criteria. If the request matches it is correctly sent to .NET for processing. I'm much happier with this solution that the URLRewrite hack or enabling RAMMFAR.
For example to have .NET process the URL www.example.com/people/michael.phelps add the following line to your site's web.config within the system.webServer / handlers element:
<add name="ApiURIs-ISAPI-Integrated-4.0"
path="/people/*"
verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS"
type="System.Web.Handlers.TransferRequestHandler"
preCondition="integratedMode,runtimeVersionv4.0" />
Edit
There are other posts suggesting that the solution to this issue is RAMMFAR or RunAllManagedModulesForAllRequests. Enabling this option will enable all managed modules for all requests. That means static files such as images, PDFs and everything else will be processed by .NET when they don't need to be. This options is best left off unless you have a specific case for it.
After some poking around I found that relaxedUrlToFileSystemMapping did not work at all for me, what worked in my case was setting RAMMFAR to true, the same is valid for (.net 4.0 + mvc3) and (.net 4.5 + mvc4).
<system.webserver>
<modules runAllManagedModulesForAllRequests="true">
Be aware when setting RAMMFAR true Hanselman post about RAMMFAR and performance
I believe you have to set the property relaxedUrlToFileSystemMapping in your web.config. Haack wrote an article about this a little while ago (and there are some other SO posts asking the same types of question)
<system.web>
<httpRuntime relaxedUrlToFileSystemMapping="true" />
Edit
From the comments below, later versions of .NET / IIS may require this to be in the system.WebServer element.
<system.webServer>
<httpRuntime relaxedUrlToFileSystemMapping="true" />
I got stuck on this issue for a long time following all the different remedies without avail.
I noticed that when adding a forward slash [/] to the end of the URL containing the dots [.], it did not throw a 404 error and it actually worked.
I finally solved the issue using a URL rewriter like IIS URL Rewrite to watch for a particular pattern and append the training slash.
My URL looks like this: /Contact/~firstname.lastname so my pattern is simply: /Contact/~(.*[^/])$
I got this idea from Scott Forsyth, see link below:
http://weblogs.asp.net/owscott/handing-mvc-paths-with-dots-in-the-path
Just add this section to Web.config, and all requests to the route/{*pathInfo} will be handled by the specified handler, even when there are dots in pathInfo. (taken from ServiceStack MVC Host Web.config example and this answer https://stackoverflow.com/a/12151501/801189)
This should work for both IIS 6 & 7. You could assign specific handlers to different paths after the 'route' by modifying path="*" in 'add' elements
<location path="route">
<system.web>
<httpHandlers>
<add path="*" type="System.Web.Handlers.TransferRequestHandler" verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" />
</httpHandlers>
</system.web>
<!-- Required for IIS 7.0 -->
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add name="ApiURIs-ISAPI-Integrated-4.0" path="*" type="System.Web.Handlers.TransferRequestHandler" verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
</location>
MVC 5.0 Workaround.
Many of the suggested answers doesn't seem to work in MVC 5.0.
As the 404 dot problem in the last section can be solved by closing that section with a trailing slash, here's the little trick I use, clean and simple.
While keeping a convenient placeholder in your view:
#Html.ActionLink("Change your Town", "Manage", "GeoData", new { id = User.Identity.Name }, null)
add a little jquery/javascript to get the job done:
<script>
$('a:contains("Change your Town")').on("click", function (event) {
event.preventDefault();
window.location.href = '#Url.Action("Manage", "GeoData", new { id = User.Identity.Name })' + "/";
});</script>
please note the trailing slash, that is responsible for changing
http://localhost:51003/GeoData/Manage/user#foo.com
into
http://localhost:51003/GeoData/Manage/user#foo.com/
Super easy answer for those that only have this on one webpage. Edit your actionlink and a + "/" on the end of it.
#Html.ActionLink("Edit", "Edit", new { id = item.name + "/" }) |
Depending on how important it is for you to keep your URI without querystrings, you can also just pass the value with dots as part of the querystring, not the URI.
E.g. www.example.com/people?name=michael.phelps will work, without having to change any settings or anything.
You lose the elegance of having a clean URI, but this solution does not require changing or adding any settings or handlers.
You might want to think about using dashes instead of periods.
In Pro ASP MVC 3 Framework they suggest this about making friendly URLs:
Avoid symbols, codes, and character sequences. If you want a word
separator, use a dash (/my-great-article). Underscores are unfriendly,
and URL-encoded spaces are bizarre (/my+great+article) or disgusting
(/my%20great%20article).
It also mentions that URLs should be be easy to read and change for humans. Maybe a reason to think about using a dash instead of a dot also comes from the same book:
Don't use file name extensions for HTML pages (.aspx or .mvc), but do use them for specialized file types (.jpg, .pdf, .zip, etc). Web browsers don't care about file name extensions if you set the MIME type appropriately, but humans still expect PDF files to end with .pdf
So while a period is still readable to humans (though less readable than dashes, IMO), it might still be a bit confusing/misleading depending on what comes after the period. What if someone has a last name of zip? Then the URL will be /John.zip instead of /John-zip, something that can be misleading even to the developer that wrote the application.
Would it be possible to change your URL structure?
For what I was working on I tried a route for
url: "Download/{fileName}"
but it failed with anything that had a . in it.
I switched the route to
routes.MapRoute(
name: "Download",
url: "{fileName}/Download",
defaults: new { controller = "Home", action = "Download", }
);
Now I can put in localhost:xxxxx/File1.doc/Download and it works fine.
My helpers in the view also picked up on it
#Html.ActionLink("click here", "Download", new { fileName = "File1.doc"})
that makes a link to the localhost:xxxxx/File1.doc/Download format as well.
Maybe you could put an unneeded word like "/view" or action on the end of your route so your property can end with a trailing / something like /mike.smith/view
As solution could be also considering encoding to a format which doesn't contain symbol., as base64.
In js should be added
btoa(parameter);
In controller
byte[] bytes = Convert.FromBase64String(parameter);
string parameter= Encoding.UTF8.GetString(bytes);
It's as simple as changing path="." to path="". Just remove the dot in the path for ExensionlessUrlHandler-Integrated-4.0 in web.config.
Here's a nice article https://weblog.west-wind.com/posts/2015/Nov/13/Serving-URLs-with-File-Extensions-in-an-ASPNET-MVC-Application
Tried all the solutions above but none of them worked for me. What did work was I uninstalling .NET versions > 4.5, including all its multilingual versions; Eventually I added newer (English only) versions piece by piece. Right now versions installed on my system is this:
2.0
3.0
3.5 4
4.5
4.5.1
4.5.2
4.6
4.6.1
And its still working at this point. I'm afraid to install 4.6.2 because it might mess everything up.
So I could only speculate that either 4.6.2 or all those non-English versions were messing up my configuration.
I was able to solve my particular version of this problem (had to make /customer.html route to /customer, trailing slashes not allowed) using the solution at https://stackoverflow.com/a/13082446/1454265, and substituting path="*.html".
Add URL Rewrite rule to Web.config archive. You need to have the URL Rewrite module already installed in IIS. Use the following rewrite rule as inspiration for your own.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Add trailing slash for some URLs" stopProcessing="true">
<match url="^(.*(\.).+[^\/])$" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Redirect" url="{R:1}/" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
Also, (related) check the order of your handler mappings. We had a .ashx with a .svc (e.g. /foo.asmx/bar.svc/path) in the path after it. The .svc mapping was first so 404 for the .svc path which matched before the .asmx.
Havn't thought too much but maybe url encodeing the path would take care of this.
This is the best solution I have found for the error 404 on IIS 7.5 and .NET Framework 4.5 environment, and without using: runAllManagedModulesForAllRequests="true".
I followed this thread: https://forums.asp.net/t/2070064.aspx?Web+API+2+URL+routing+404+error+on+IIS+7+5+IIS+Express+works+fine and I have modified my web.config accordingly, and now the MVC web app works well on IIS 7.5 and .NET Framework 4.5 environment.
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Web;
using System.Web.Mvc;
namespace WebApplication1.Controllers
{
[RoutePrefix("File")]
[Route("{action=index}")]
public class FileController : Controller
{
// GET: File
public ActionResult Index()
{
return View();
}
[AllowAnonymous]
[Route("Image/{extension?}/{filename}")]
public ActionResult Image(string extension, string filename)
{
var dir = Server.MapPath("/app_data/images");
var path = Path.Combine(dir, filename+"."+ (extension!=null? extension:"jpg"));
// var extension = filename.Substring(0,filename.LastIndexOf("."));
return base.File(path, "image/jpeg");
}
}
}

Routing static files in ASP.NET MVC 3 like robots.txt

I would like to have the following link "http://mywebsite.com/robots.txt" linked to a static file ~/Content/robots.txt.
How can I do this?
Thanks,
Merijn
Adding a route like this should do the trick. This way any static .txt file like robots.txt can be served.
routes.IgnoreRoute("{resource}.txt");
You could install Url Rewrite module:
http://www.iis.net/downloads/microsoft/url-rewrite
Remember that this module works on IIS and not on Cassini/IIS Express.
And add following rule to your web.config to section <system.webServer>
<rewrite>
<rules>
<rule name="robots" stopProcessing="true">
<match url="robots.txt" />
<action type="Rewrite" url="/Content/robots.txt" />
</rule>
</rules>
</rewrite>
I checked it on new MVC 3 .NET project and both url responses with the same file:
mywebsite.com/robots.txt
mywebsite.com/Content/robots.txt
You can setup routing request for disk files. By default the routing system checks to see if the url matches the disk file before evaluating the application's routes. If there is a match the disk file is served and routes are not used. However this can be reveresed so routes are looked at before disk files are checked by setting the RouteExisitingFiles property of RouteCollection to true. Place this statement close to the top of the RegisterRoutes method - this just seems to be convention for mvc apps. Then you define a route that for the disk files. Be aware when doing this that there can some unforseen effects because the riute could natch other kinds of URLs.
Solution 1: If you specify the URL. Browser will request this to IIS or webserver. MVC doesn't participate in the reading file etc. It gives these requests to IIS to handle. You need to assign permission to the folder.
Solution 2: Read the file in the PresentationModel if you have. read this file in Chunks and return as File type to the browser.
I hope it will give you some direction.
I was able to do this by rewriting paths in an event handler for BeginRequest in global.asax.
BeginRequest += delegate
{
switch (Request.RawUrl.ToLowerInvariant())
{
case "/favicon.ico":
Context.RewritePath("~/Content/favicon.ico");
return;
case "/robots.txt":
Context.RewritePath("~/Content/robots.txt");
return;
}
};
routes.MapRoute("Robots","robots.txt");

How do I block requests for all *.php, *.cgi, etc. pages from inside an ASP.NET MVC 1.0 app hosted in IIS7?

I'd like to block requests to any .php or .cgi regardless of the pathing information.
For example, when the following url is used:
http://mysite/Admin/Scripts/Setup.php
It matches an existing route:
routeCollection.MapRoute("Admin", "admin/{controller}/{action}/{uid}/{*pathInfo}", new { controller = "Admin", action = "Index", uid = "" });
However there is no controller for scripts so MVC throws the following:
The IControllerFactory '' did
not return a controller for a
controller named 'scripts'.
What I'd really prefer is that the request is simply met with a hard fail before MVC ever got to the controller.
I know that I can do this by hooking the Application_BeginRequest in the Global.asax and throwing a new HttpException(404, "Not Found") but that's not quite the elegant solution I'm looking for.
I was really hoping that this would work:
routeCollection.IgnoreRoute("{resource}.php/{*pathInfo}");
But it doesn't.
NOTE: Sean Lynch's answer works great but I still would really like a System.Web.Routing or System.Web.Mvc based solution. That way I can allow my users to add their own exclusions at runtime.
I know this is an old post but if you're looking for an ignore route for php requests (and some others) including requests within sub folders then I have found the code below works well (adapted from the ignore routes post from Phil Haack)
I also added a specific ignore route for the occasional apple touch icon request (using a wildcard for the different dimensions) and allowed for the different file extensions for the favicon (Google toolbar and some other browsers look for png and gif favicons).
Of course you could add an ignore route for all image file extensions but in my case I still want to route some of the other requests.
routes.IgnoreRoute("{*allphp}", new { allphp = #".*\.php(/.*)?" });
routes.IgnoreRoute("{*allcgi}", new { allcgi = #".*\.cgi(/.*)?" });
routes.IgnoreRoute("{*allaspx}", new { allaspx = #".*\.aspx(/.*)?" });
routes.IgnoreRoute("{*favicons}", new { favicons = #".*favicon\.(ico|gif|png)(/.*)?" });
routes.IgnoreRoute("{*allappleicon}", new { allappleicon = #"apple-touch-icon-.*\.png(/.*)?" });
Despite having these ignore routes, I still think that using request blocking for php files is preferable if you have access to do it.
If you hosting provider supports the IIS7 URL Rewrite module then you could check out this link:
http://learn.iis.net/page.aspx/499/request-blocking---rule-template/
Update here is what you would put into your web.config in the system.webserver section:
<system.webServer>
<rewrite>
<rules>
<rule name="RequestBlockingRule1" patternSyntax="Wildcard">
<match url="*" />
<conditions>
<add input="{URL}" pattern="*.php*" />
</conditions>
<action type="CustomResponse" statusCode="403" />
</rule>
</rules>
</rewrite>
</system.webServer>
I found How to ignore route in asp.net forms url routing which might work for this, it uses the StopRoutingHandler class, and as long as the requests to .php do run through the routing this will probably work.
If the .php requests are not going through the routing handler then this probably wouldn't work.
You could block these extensions before it even hits IIS with Microsoft's UrlScan ISAPI Filter.

Resources