I have an aplication in IIS thet have a web service when i try access from other ip it response an error of Cross domain origin, in my web.config i have this lines:
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*"/>
<add name="Access-Control-Allow-Headers" value="Content-Type"/>
<add name="Access-Control-Allow-Methods" value="POST,GET,OPTIONS"/>
</customHeaders>
</httpProtocol>
But it stilll fail when i try to send via post data to the webservice.
Related
I have a website on an EC2 service from AWS. The web domain was purchased on Namecheap with SSL protection. I was investigating how to activate this ssl protection. The first thing I did was to generate the CSR code from my EC2 instance. Then I went to Namecheap to use this code and activate the SSL Protection. I complete the DCV validation using the "HTTP-based validation". Now in my Namecheap main panel the SSL certificate says to be active. But when wanting to go to my website, it still does not appear. Is there something I need to do? Thank you all for your time!
Yes, you will need to install the certificate and private key on your web server. You will also need to setup / enable HTTPS on your web server.
https://www.namecheap.com/support/knowledgebase/article.aspx/795/14/how-to-install-ssl-certificates
I can't understand your question clearly but try this and see if it helps - add this to your web config file
<system.webServer>
<rewrite>
<rules>
<clear />
<rule name="Redirect to https" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}"
redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
I have a Kentico installation at sub.mydomain.com. The CurrentContact cookie is created using a domain of sub.mydomain.com. I want the cookie to be able to be read by other subdmains like app.mydomain.com.
Is there a way to accomplish this? Is there a web.config setting or a system event in which we can change the cookie domain?
If a cookie is issued for .mydomain.com then it will be accessible on all sub domains i.e. sub. and app. but not vice versa. Technically is sub.mydomain.com and app.mydomain.com are two different domains from a browser prospective. I think you need to enable CORS support for domain app.domain.com in your Kentico web.config.
You may try to add something like this to your web.config:
<httpProtocol>
<customHeaders>
<remove name="X-Powered-By" />
<add name="Access-Control-Allow-Headers" value="Origin, X-Requested-With, Content-Type, Accept" />
<add name="Access-Control-Allow-Methods" value="POST,GET,OPTIONS,PUT,DELETE" />
<add name="Access-Control-Allow-Origin" value="http://app.mydomain.com" />
<add name="Access-Control-Allow-Credentials" value="true" />
</customHeaders>
</httpProtocol>
I have a site that runs on ColdFusion 2016. To access it, user must login. None of the ColdFusion templates are accessible for unauthenticated users within secure directories. However, in some directories html templates, video tutorials and images can be viewed with direct link via url.
Is there way to restrict such access?
UPDATE
I added this code below but, it is blocking all access even from the link on pages. But, how to block non authenticated direct access?
<configuration>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
<system.webServer>
<handlers>
<add name="HTML" path="*.html" verb="GET, HEAD, POST, DEBUG" type="System.Web.StaticFileHandler" />
<add name="mp4" path="*.mp4" verb="GET, HEAD, POST, DEBUG" type="System.Web.StaticFileHandler" />
</handlers>
</system.webServer>
</configuration>
This question already has answers here:
Can't access /elmah on production server with Elmah MVC?
(2 answers)
Closed 5 years ago.
I have included elmah.mvc into an Asp.Net MVC application for logging exceptions and custom error logs. It is working fully as intended and I can view the logs within my ELMAH_Error table using a SQL Server, and as well from the web interface through local host URL(http://localhost:20086/elmah).
My question is: How, if possible, can I view my logs through the web interface on a live site and not "http://localhost:20086/elmah". I want to be able to view the Logging information when necessary from any computer. I have implemented Roles and Authentication, so I should be able to go to the correct URL, login with the appropriate credentials, then view the logs.... right?
Is this possible??
No problem. You can use ASP.NET authentication to secure your logs. Basically you want something like this:
<location path="elmah.axd">
<system.web>
<httpHandlers>
<add verb="POST,GET,HEAD"
path="elmah.axd"
type="Elmah.ErrorLogPageFactory, Elmah" />
</httpHandlers>
<authorization>
<allow roles="admin" />
<deny users="*" />
</authorization>
</system.web>
<system.webServer>
<handlers>
<add name="ELMAH"
verb="POST,GET,HEAD"
path="elmah.axd"
type="Elmah.ErrorLogPageFactory, Elmah"
preCondition="integratedMode" />
</handlers>
</system.webServer>
</location>
There's some more details in this ELMAH Tutorial.
It looks like you're using the Elmah.MVC package. With this package you have another option:
<add key="elmah.mvc.requiresAuthentication" value="true" />
<add key="elmah.mvc.allowedRoles" value="admin" />
I have 2 WCF service working together. One is Class Library and another one in webservice.
Its working fine until now. But if i try to send large amount of data it throw me 413 error...
An exception was thrown: The remote server returned an error: (413) Request Entity Too Large.
Below is web.config file-
For Class Library-
<add key="SMTP" value ="dummy"/>
<add key="BookingEmailFrom" value ="dummy"/>
<add key="BookingEmailToWBD" value ="dummy"/>
</appSettings>
<connectionStrings/>
<system.web>
<compilation debug="true" targetFramework="4.0"/>
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Windows"/>
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/>
</system.web>
<!--
The system.webServer section is required for running ASP.NET AJAX under Internet
Information Services 7.0. It is not necessary for previous version of IIS.
-->
<system.serviceModel>
<services>
<service name="JSONWebService.Service1" behaviorConfiguration="JSONWebService.Service1Behavior">
<endpoint address="../Service1.svc" binding="webHttpBinding" contract="JSONWebService.IService1"
behaviorConfiguration="webBehaviour"/>
For web service client-
<?xml version="1.0"?>
<configuration>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
\Windows\Microsoft.Net\Framework\vx.x\Config
-->
<configSections>
</configSections>
<appSettings>
<add key="ConnectionString" value="Server=dummy;uid=sa;pwd=dummy;database=dummy"/>
---------------------- -->
section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
<pages>
<controls>
<add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
PublicKeyToken=31BF3856AD364E35"/>
<!--
Upon deployment, the following identity element should be removed or replaced to reflect the
identity under which the deployed service runs. If removed, WCF will infer an appropriate identity
automatically.
-->
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
<endpoint address="basic" binding="webHttpBinding" contract="JSONWebService.IService1"
behaviorConfiguration="webBehaviour"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior" >
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before
deployment -->
</bindings>
</system.serviceModel>
</configuration>
Any help would be really appreciated.
Thanks
You are encountering a WCF default limit on the message size. To raise the limit, use the maxReceivedMessageSize attribute in your web.config file (server side).
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding maxReceivedMessageSize="10000000">
</basicHttpBinding>
</bindings>
</system.serviceModel>
This is probably really late, but for anyone else that is also stuck.
The initial problem is solved by what BilalAlam described (increase the maxRecievedMessageSize) but your issue is the bindings need to be tied to the endpoint via the bindingConfiguration in the endpoint and the name in the binding.
Example
<bindings>
<webHttpBinding>
<binding maxReceivedMessageSize="2147483647" name="NAMETOTIEENDPOINT">
<readerQuotas maxStringContentLength="2000000"/>
</binding>
</webHttpBinding>
</bindings>
<services>
<service>
<endpoint address="basic" bindingConfiguration="NAMETOTIEENDPOINT" binding="webHttpBinding" contract="JSONWebService.IService1" />
</service>
</services>