In my application I need to set a http response header. I'd like to do this in web.config. but I dont'know if this is possible and I can't find it on Google. Solution Finally, after a long search I found the solution. Create a class with this code:
public class myHTTPHeaderModule : IHttpModule
{
#region IHttpModule Members
public void Dispose()
{
}
public void Init(HttpApplication context)
{
context.EndRequest += new EventHandler(context_EndRequest);
}
void context_EndRequest(object sender, EventArgs e)
{
HttpResponse response = HttpContext.Current.Response;
response.AddHeader("Content-Language", "*");
}
#endregion
}
(Don't ask me why to use this event, but it works..) Now add a line in web.config in the HttpModule section:
I have created one page to show the progress of payment . After successful payment i need to redirect user to the payment confirmation page. When i am redirecting am getting the following error.
Cannot redirect after HTTP headers have been sent.
Using ASP.NET is it possible to make a request and get only response headers? I have to do a request to a big file, but I only need the response headers, i dont care about the content of the file.
I would like to know if there is something similar to get_headers from php (http://php.net/manual/en/function.get-headers.php).
I Have a specific set of HTTP response headers I'm trying to recreate in ASP.NET. Here is how it looks in Fiddler (Raw):
HTTP/1.1 200 OK Content-Length: 570746 Content-Type: audio/wav Last-Modified: Wed, 19 May 2010 00:44:38 GMT Accept-Ranges: bytes ETag: "379d676ecf6ca1:3178" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Tue, 05 Oct 2010 18:35:18 GMT
Here is how it looks on the Headers tab (same data. Different view)
I am trying to recreate the same set of headers (different values of course) with code, on an ASP.NET page. The biggest problem is with the cache settings and the ETag. It usually shows some "private" or similar cache setting and no ETag value, even though I'm trying to set it explicitly with
I am writing an ASP.NET application that generates CSV string and returns it using response.write. However, along with the CSV string, the output comes with other information I would like to get rid of (e.g. ASP.NET version, time-stamp) etc. How can I just get the CSV string and nothing else?
I am creating a web application in C#.When my page loads I fire an asynchronous thread to process some data. Part of this processing is the updating of a cookie. However when I save the cookie to the response by System.Web.HttpContext.Current.Response.Cookies.Add(c) where c is the HttpCookie, I get the following exception:HttpException: Server cannot modify cookies after HTTP headers have been sent.
This has been bugging me for a while now. Whenever I try to share my website link on Facebook or another link-sharing site, the link-sharing site either removes the URL (like it doesn't recognize it as valid) or in Facebook's case - it can't retrieve meta-data automatically.
I'm pretty sure that it used to work. However, Googling / StackOverflowing for this problem is a difficult task, since I have no idea what possibly could create this problem.
I've tried to create a static .HTM file on my website, and that works fine: test.htm
My default home page is a classic ASP (yeah I know, PHP version in the works) which uses IIS 7 URL Rewrite module.
I've tried to check the resultcodes and headers for both test.htm and my default home page on this page: [URL]
This is the results:
test.htm
URL=http://www.orango.nu/test.htm Result code: 200 (OK / OK) Content-Type: text/html Last-Modified: Fri, 04 Feb 2011 10:16:55 GMT Accept-Ranges: bytes ETag: "0d877a654c4cb1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Date: Fri, 04 Feb 2011 10:40:08 GMT Content-Length: 452
default home page /
URL=http://www.orango.nu Result code: 200 (OK / OK) Cache-Control: public Content-Length: 13463 Content-Type: text/html; Charset=UTF-8 Accept-Ranges: bytes Server: Microsoft-IIS/7.0 Set-Cookie: ASPSESSIONIDSCSADCAR=DLPBECCBGDJMADLEPMOMHDDC; path=/ X-Powered-By: ASP.NET Date: Fri, 04 Feb 2011 10:24:22 GMT
I read somewhere the you can't remove response headers once they've been added. Given that, I'm wondering where in a standard ASP.NET web forms application do response headers get added initially. For example, these:Date Fri, 23 Apr 2010 16:25:56 GMT erver Microsoft-IIS/6.0 X-Powered-By ASP.NET Cache-Control privateAnd can I stop it from happening? Do subsequent headers override old headers?
I am getting the following warnings on the Event Log for a Asp.Net WebSite running on IIS 7.
Exception information: Exception type: HttpException Exception message: Server cannot append header after HTTP headers have been sent. at System.Web.Hosting.ISAPIWorkerRequest.SendUnknownResponseHeader(String name, String value) [code]....
I tried to debug the WebSite but it just does not show in debugger. The web page which has got this issue contains the following.
Its a content page with a Master page.
It has a grid inside an UpdatePanel which is Triggered by a Timer.
On the specified time grid data is refreshed.
Everytime this happens we see a new warning in the EventLog.
We have a basecontroller that has both an OnActionExecuting and OnActionExecuted. Occassionally, the OnActionExecuted will throw an exception 'Server cannot modify cookies after HTTP headers have been sent.'. This doesn't happen all the time, and we can't find a pattern to it. My guess, based on searching, is that filterContext is not always the current context. Is there a way to rewrite the Cookies.Add to get the current context, always? Or is the fact that we are in the ActionExecuted mean the headers will always already have been sent and we shouldn't be doing anything like this in the executed step?
In IIS 7.0 integrated mode after deleting all headers with Response.ClearHeaders() IIS would add some other headers like Server and X-Powered-By which reveals good information to hackers. How can I stop this behavior (consider I still need to add my custom headers) ?
I have an ASP.Net site (happens to be MVC, but that's not relevant here) with a few pages I'd like cached really well.
Specifically I'd like to achieve:
output cached on the server for 2 hours.if the file content on the server changes, that output cache should be flushed for that page cached in the browser for 10 minutes (i.e. don't even ask the server if it's that fresh)when the browser does make an actual subsequent request, I'd like it to use etags, so that the server can return a 304 if not modified.
(note - time values above are indicative examples only) 1) and 2) I can achieve by Response.Cache.SetCacheability(HttpCacheability.Server) I know 3) can be achieved by using max-age and cache-control:private I can emit etags with Response.Cache.SetETagFromFileDependencies();
but I can't seem to get all of these things to work together. Here's what I have:
can browsers do both 3) and 4) like that? When Firefox issues a new request after it expires in the local cache, it does indeed send the etag the server responded with before, but I get a 200 response.setting the variables like above, where would I set the duration of the output caching?
I am trying to make ActionFilter which redirects banned users to /Error/NoAccess site, so I have ActionFilter:
[Code]....
Before each public class xxxxxxController : Controller I use [NoBannedUsersActionFilter]. But for example on website /Account/LogOff I have error: 'Server cannot modify cookies after HTTP headers have been sent.' and VisualStudio shows me AccountModel.css file and this method:
In the web app (C#, ASP.NET) I am working on at the moment, the value in Request.Headers["Referer"] can determine things like custom style. I have created a custom page with a drop down menu to test this functionality. So when the selected index changes, the value selected should be set in the Request.Headers["Referer"] then will be redirected (Response.Redirect), the receiving page will then pick up the value in Request.Headers["Referer"] and adjust the styling accordingly. However I haven't been able to set value for Request.Headers["Referer"]. Is it possible at all?
Website 1 sets the value in Request.Headers["Referer"], e.g. www.xyz.com and before doing Response.Redirect to www.website2.com
Website 2 picks up value in Request.Headers["Referer"], in this case www.xyz.com and do what it needs to do, i.e. styling etc.
I've a question about something I'm searching for,for too long! We've build an application from which an admin upload songs into a database. Then user can bought songs and download it individualy. The problem is that when user download MP3 songs with the code below, it works great in Firefox and Chrome but not in IE8 simply because WMP trying to open the songs and it just don't get it instead of having a "Save as" dialog? Any issue on HOW can i force to have the "Save As" diaglog? Note that I have not MP3 physicaly on server it's in database. So I can't direct link to song ...
I am a bit new to asp.net and I have been trying to host a asp.net site on my local machine (Win2k3) with a host header.
I initally created the web site with default (none) host headers on the port 800 .
Later on I edited the default header from the web site properties tab and gave a header something like this - test.site.com
I made the entry in the host file for this header.
I try accessing the site by hitting http://test.site.com but i dont see my web page, instead i see some internet url.
I know that the host header has been setup well because i can ping it successfully from the cmd. Also, i have made changes in the browser to by- pass the proxy server.
I need to I can make the web request to a webservice which take a XML argument. And is expected to return a Binary response. I am able to make the request but while recieving the response back I am unable to get the response in binary. When I read the response using streamreader see the header and some attached "HEBRISH" words probably binary but unable to sepreate it out. Please help in seprating out the binary the response data.
I'm trying to query a database that contains information about a "ticket" using jQuery's .ajax() method.
$.ajax({ type: 'GET', url: 'Preview.ashx', data: 'ticketID=' + ticketID, success: function (data) { // 'data' should be a row from the database, so it should be like an // array that contains each column of the row // do stuff with this data } }); ... so that all works fine. I'm having trouble with the data variable. On the server side, I do... // get the ticket ID from the POST parameter int ticketID = context.Request["ticketID"] != null ? Convert.ToInt32(context.Request["ticketID"]) : -1; if (ticketID >= 0) { // grab the data from the database, getInfo() will retrieve the row // in the DB that corresponds to the ticket ID given, returning an // ArrayList with all of the information ArrayList theTicket = getInfo(context, ticketID); // now, I need to somehow return this information so that I could deal with it // in the 'success' callback function above return; } else { // something went wrong with the 'newTicket' POST parameter context.Response.ContentType = "text/plain"; context.Response.Write("Error with 'ticketID' POST parameter. "); return; } return;
I've debugged this enough to be sure that the ArrayList contains the correct information. Now I just need to return it. How would I do this? How would I return the data in the ArrayList? Is it possible to structure the response so that I could do data.ID, data.otherColumnName, etc... in the callback function to access the different fields?
I've had a bit of feedback from some threat and vulnerability folks relating to websites returning HTTP 500 response codes. Essentially the advice is that all possible measures must be taken to avoid the server throwing a 500 (i.e. extensive form input validation) which is fine. However, the advice also suggested that attempts to compromise security by means such as inserting a tag into a random query string causing ASP.NET request validation to fire or manipulating viewstate also should not return an HTTP 500. Obviously the native framework behaviour is to interpret the request and possibly throw to a custom error page but even this will return a 500 response code.
So I'm after some thoughts on how to approach this. Is there any way to configure the app at either the .NET level or IIS level to return an HTTP 200 when a 500 is raised? Or does this become a coding exercise at global.asax level in one of the application events? Are there other consequences to consider? BTW, the rationale from the security side is that apps which return HTTP 500 may be viewed as "low hanging fruit" by bots randomly scanning for vulnerabilities and prompt further malicious activity. attempts I'm personally not convinced that changing response codes offers any real security gains but am happy to hapy to take the advice of the pros.
On the client side I have a form: <form ... action="www.link-to-another-domaint" > <input type="hidden" id="asd" value="fgh" > .... </form> <script type="text/javascript"> document.forms[0].submit(); </script>
Then on the other domain - there is also my other application - I'm trying to get the hedaer "key" by this code:
Request.Headers["key"].ToString();
But there is no such header. Is there is a desicion? Where is my mistake?
