Both returns the incoming url, Just to know When to use Request.UrlReferrer and when Request.ServerVariables["HTTP_REFERER"] and why?Currently, in one of my application Urlreferrer is working in my local machine but its not working when went live?Additionally, its most appreciable if anyone can guide any alternative of both Urlreferrer and HTTP_REFERRER?
View 1 Repliesin my web application Request.UrlReferrer is null. how can i set UrlReferrer ?
View 1 RepliesI need to get the Hash value from url. Example:
Photos.aspx?area=photo&Id=2#22
Get the 22 after #.
How can this be done easily.
IN ASP.NET and not Javascript
I came upon an interesting discussion with my team around the use of HttpRequest.UrlReferrer and wanted to solicit feedback from the community. According to the W3C spec:
The Referer[sic] request-header field allows the client to specify, for the server's benefit, the address (URI) of the resource from which the Request-URI was obtained (the"referrer", although the header field is misspelled.) The Referer request-header allows a server to generate lists of back-links to resources for interest, logging, optimized caching, etc. It also allows obsolete or mistyped links to be traced for maintenance. The Referer field MUST NOT be sent if the Request-URI was obtained from a source that does not have its own URI, such as input from the user keyboard.as input from the user keyboard.
The Request.UrlReferrer object does the work of converting referral strings that contain well formed URIs to an object with properties on every request. According to our logs there are requests that come in that contain invalid data in the referral such as:
localhost
app:/BeamBackTest.swf
app:/multtiple.swf
app:/AFriendFeed.swf
ALToolBar
app:/index.html
mhtml:file://C:Documents+and+SettingsUserDesktoporacleWhat+is+a+View+in+Oracle+-+Stack+Overflow.mht
Using Request.UrlReferrer would mean the above cases would be NULL. Is it better to discard the invalid data based on the W3C spec by using Request.UrlReferrer or preserve it by using Request.ServerVariables["HTTP_REFERER"] even though the data may be interesting, but potentially useless.
I am trying to run this log routine in a separate thread in order to improve page load performance but I am getting an error in the line bellow: "object not set to an instance of a variable".
line error: strTempBrowser = System.Web.HttpContext.Current.Request.ServerVariables["HTTP_USER_AGENT"].ToString();
I am suspecting that Request.ServerVariables are not available during the time that the thread executes. Is there a workaround?
Page Base Class
//STATISTICS
SiteStatisticsLite sStat = new SiteStatisticsLite();
Thread oThread = new Thread(new ThreadStart(sStat.AddLog));
oThread.Start(); // Don't wait to finish, just let stat logging to occurr after page loads
public class SiteStatisticsLite
{
//SiteStatisticsLite sStat = new SiteStatisticsLite();
I am working on an app where users are only allowed access if they click through from certain URLs. I.e. I need to authenticate by using the referral url and I am using
Request.UrlReferrer to achieve this.
I am guessing that the Request.UrlReferrer can be tampered with by malicious users to gain access...
What I am trying to solve here is to check for what is previous page's url and compare it. If it is login.aspx then I want to display an WelcomeNote() message. Any help would be deeply appreciated. Here's the codes.
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Request.UrlReferrer IsNot Nothing Then
I'm using IIS 7.0 on WS2008. I've implemented a simple login page that redirects to another simple page showing the Request.ServerVariables key/values. I'm using the built-in SQL membership provider. The website is on a DEV machine and there are no users on it.
When I login at the same time with 2 different users from 2 different locations (2 different public addresses) then one of the Request.ServerVariables page is the same as the other. That includes the client IP address which is then completely wrong. The authentication as well as the other cookies are wrong as well.
I checked the IIS log and it shows the correct client address as well as the correct login name. If I then reload the wrong page I get the correct data. Is there some concurrency issue in ASP.NET? I disabled the session and caching but I still get the same behaviour.
i have a problem in my asp application . Im trying to protect the path for my application using this code :
Uri t = Request.UrlReferrer;
In an asynchronous process, I need to get the name of the domain/server the web application is running on. But in that situation HttpContext.Current is not available, so I cant use HttpContext.Current.Request.ServerVariables("SERVER_NAME").
View 7 RepliesI have the following code in 'main.cs' file where I am checking for a condition
protected void Page_Load(object sender, EventArgs e)
{
if (Request.Form.Get("task") != null && Request.Form.Get("postToURL") != null &&
Request.UrlReferrer.ToString().Substring(0, 31).Equals("http://cs.astra.co.in:4040"))
{
ASCIIEncoding encoding = new ASCIIEncoding();
<SO ON>
Instead of checking for the URL [URL] in 'main.cs', Can I check for the same condition in the 'web.config' file ? If so, How can I do that ?? Is there any way to transfer the part -- Request.UrlReferrer.ToString().Substring(0, 31).Equals[URL] -- into the 'web.config' !!
[Code]....
i want to access the HTTP_REFERER server variable @ ajax call on page load event. So I have written the following code in Page_Load:
If (Request.ServerVariables("HTTP_REFERER") != null)
{
Response.Write(Request.ServerVariables("HTTP_REFERER").ToString());
[code]...
when i was working with IIS 6.0 and windows 2003 Request.ServerVariables["LOGON_USER"] is giving me the current logged in user id,
but now we have upgraded to IIS 7 and Windows 2008 if i use the same statement it is not returning me any value.
NOTE : i am using vs2005 to write my programs.
I have a feeling that Request.ServerVariables("AUTH_USER") and User.Identity.Name return the same string while using FormsAuthentication.So my question is as simple as that. Which one should i better use?
View 1 RepliesI am developing an internal application in .NET which tracks computer name and give access only if they match users which are in a users table in database. When i tested in my local machine and in production server, I am able to get computer name. But for few users the application just don't work since Request.ServerVariables["REMOTE_USER"] is returning empty values. For myself and even for few users we can get computer name with Request.ServerVariables["REMOTE_USER"] but for few users it returns empty values.I even tried using Request.ServerVariables["LOGON_USER"] and WindowsIdentity funtions, but still getting empty values.
View 3 RepliesI'm not using any built in authentication mechanism, just building a simple intranet site that requires logon.BUT i was asked to retrieve the current windows logon name of the user, and authenticate him with this information.When reading the Request.ServerVariables("LOGON_USER") information from my box, everything runs fine. But this value is always blank when the application is running with IIS on my server.
View 1 RepliesWe're trying to implement functionality that intercepts, inspects, and alters if needed data in the Request.QueryString and Request.Form collections.
Since Request.QueryString and Request.Form are readonly, is it possible to use a HttpModule to do this without Reflection or Response.Redirect?
We're thinking that we can construct a new HttpRequest, and replace the original one. Would there be any implications in doing this?
I know mocking this object is impossible without using HttpRequestWrapper, but wasn't sure whether ASP.NET sets other things beyond the constructor.
I have a webservice which works 100% fine on my developer machine. Where Web Service is installed on LOCALHOST on my developer machine,Then i went to my servers, I installed webservice on one server and map it with the server where the website is hosted, Then i tried accessing this service using BROWSER from my web server, it worked fine, That means the mapping was done perfect.Then i run my program on web server (website). It worked fine on page1, then on page2, but when i did the same and call same function on page3, It popped me any error of
View 4 RepliesIs it at all possible to inject a request into IIS for a page, have IIS and ASP.Net handle it as normal, but get the response as html handed back to me programmatically?
Yes, I know that I could connect to port 80 using WebRequest and WebResponse, but that becomes difficult if you are accessing the IIS server from the same physical machine (loopback security controls et al).
Basically, I want to inject the request (eg for [URL]) between the points at which IIS would normally talk to the browser, and the point at which it would route it to the correct ASP.Net application, and get a response back from IIS between the points at which ASP.Net/IIS applies the httpfilters and hands the html back to the browser.
I'm predominantly working with IIS7 so if there is a solution that works just for IIS7 then thats not an issue.
This is a input
<input type="image" src="<%=Url.Content("~/images/shopping-cart.jpg")%>" alt="shopping cart" id="btnshoppingCart" name="btnshoppingCart" value="shoppingCart" />
when i browse the page with firefox and click on the input Request.Params["btnshoppingCart"] != null or Request.Form["btnshoppingCart"] != null is statisfied.
When i browse the same page with internet explorer 8 and click on the same input Request.Params["btnshoppingCart"] != null or Request.Form["btnshoppingCart"] != null is not satisfied. When i used the watch i saw that there is no key by the name of "btnshoppingCart" in either Request.Form or Request.Params if input is clicked from internet explorer. However when it is clicked from firefox there is value "shoppingCart" inside Request.Form and Request.Params against "btnshoppingCart" key. One more strange thing that i observed was that are two keys "btnshoppingCart.x" and "btnshoppingCart.y" inside both Request.Form and Request.Params whenver clicking is done from both internet explorer and firefox. This is happening against all inputs of type image irrespective if the input is present inside a html form or not. Forms are created like this
<% using (Html.BeginForm("Action", "Controller", FormMethod.Post)){%>
The version of internet explorer is 8.0 and firefox is 3.6.6
I there a way to know if a request is a soap request on AuthenticateRequest event for HttpApplication? Checking ServerVariables["HTTP_SOAPACTION"] seems to not be working all the time.
public void Init(HttpApplication context) {
context.AuthenticateRequest += new EventHandler(AuthenticateRequest);
}
protected void AuthenticateRequest(object sender, EventArgs e) {
app = sender as HttpApplication;
if (app.Request.ServerVariables["HTTP_SOAPACTION"] != null) {
// a few requests do not enter here, but my webservice class still executing
// ...
}
}
I have disabled HTTP POST and HTTP GET for webservices in my web.config file.
<webServices>
<protocols>
<remove name="HttpGet" />
<remove name="HttpPost" />
<add name="AnyHttpSoap" />
</protocols>
</webServices>
Looking at ContentType for soap+xml only partially solves my problem. For example,
Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1131
Content-Type: text/xml
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: ro
Host: localhost
mymethod: urn:[URL]
Some clients instead of having the standard header SOAPAction: [URL], have someting like in example above. "mymethod" represents the method in my web service class with [WebMethod] attribute on it and [URL] is the namespace of the webservice. Still the service works perfectly normal. The consumers use different frameworks (NuSOAP from PHP, .NET, Java, etc).
I develop an asmx web service (i.e. ASP.NET 2.0). There's a piece of code that may read the contents of the HTTP request (via HttpContext.Current.Request.InputStream) while processing it. I realise that InputStream may only be read once for a request, and I make sure I never try to read it more than once.
The problem seems to be that if InputStream happens to be read during the early stages of the application's lifecycle (e.g. after pskill w3wp, during Application_Start), the HTTP request fails with a HTTP 400 - Bad Request error, with no explanation given, no exception thrown and no entry in the httperr log. If it is read later (e.g. within the web method itself), requests run fine whether InputStream is read or not. Application_Start runs fine if InputStream isn't read.
Is this some sort of ASP.NET bug? IIS bug? Or am I doing something wrong by daring to read InputStream? And if so, is there another way to get a look at the "raw" contents of the request without disturbing the inner workings of IIS/ASP.NET? In short, adding this code within Application_Start is enough to reproduce this error: using (StreamReader reader = new StreamReader(HttpContext.Current.Request.InputStream))reader.ReadToEnd();
I want to component to upload large filesP.How can I bypass request size и request processing time restrictions?
View 4 RepliesI am trying to use curl to access 3rd party webservice, I used the following code which works well if I try it on my own linux server, the data is being sent ok, but the IIS on the 3rd party server returns an error.
$longdata is a long string of data, maybe over 1000 characters long the 3rd party has many working clients with various implementations so the problem is on my side. what do I need to add to the request in order to get this through ?
<?php
$c = curl_init();
// curl_setopt($c, CURLOPT_HTTPHEADER, array('Expect:'));
curl_setopt($c, CURLOPT_URL, 'http://XXX.com/test/index.asmx');
curl_setopt($c, CURLOPT_POST, 1);
curl_setopt($c, CURLOPT_HEADER, 1);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
$post = array('param1' => 'XXXX', "param2" => "Y", "Param3" => $long_data);
curl_setopt($c, CURLOPT_POSTFIELDS, $post);
$response = curl_exec($c);
echo $response;
/*
Response:
HTTP/1.1 100 Continue
HTTP/1.1 500 Internal Server Error
Date: Tue, 05 Apr 2011 14:11:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Length: 100
Request format is invalid: multipart/form-data; boundary=----------------------------5d738237d9e0.
*/
?>
I am facing an issue while calling a web request thru my code. I have searched a lot on number of sites but did not get any solution.
Here is the code which I am using:
[Code]....