Windows Azure ASP.NET MVC Role behaves strangely when redirecting from HTTP to HTTPS

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by Rinat Abdullin on Stack Overflow See other posts from Stack Overflow or by Rinat Abdullin
Published on 2010-05-27T10:18:27Z Indexed on 2010/05/27 10:21 UTC
Read the original article Hit count: 321

Filed under:
|
|
|
|

Subj. I've got an ASP.NET 2 MVC Worker Role Application, that does not differ much from the default template.

When attempting redirect from HTTP to HTTPS (this happens when we access constroller secured by the usual RequireSSL attribute implementation) we get blank page with "Bad Request" message.

IntelliTrace shows this:

Thrown: "The file '/Views/Home/LogOnUserControl.aspx' does not exist." (System.Web.HttpException)

Call stack is really short:

[External Code] 
App_Web_vfahw7gz.dll!ASP.views_shared_site_master.__Render__control1(System.Web.UI.HtmlTextWriter __w = {unknown}, System.Web.UI.Control parameterContainer = {unknown})    
[External Code] 
App_Web_bsbqxr44.dll!ASP.views_home_index_aspx.ProcessRequest(System.Web.HttpContext context = {unknown})   
[External Code]

User control reference is the usual one in /Views/Shared/Site.Master:

<div id="logindisplay">
    <% Html.RenderPartial("LogOnUserControl"); %>
</div>

And partial view LogOnUserControl.ashx is located in Views/Shared (and it is ASHX, not ASPX).

Problem shows up, when we try to access site pages, that require auth and redirect. These pages are secured by RequireSSL attribute (Redirect == true):

[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = false)]
public sealed class RequireSslAttribute : FilterAttribute, IAuthorizationFilter
{
  public bool Redirect { get; set; }

  // Methods
  public void OnAuthorization(AuthorizationContext filterContext)
  {
    // this get's messy, when we are running custom ports
    // within the local dev fabric.
    // hence we disable code in the debug

#if !DEBUG
    if (filterContext == null)
    {
      throw new ArgumentNullException("filterContext");
    }

    if (filterContext.HttpContext.Request.IsSecureConnection)
      return;

    var canRedirect = string.Equals(filterContext.HttpContext.Request.HttpMethod, "GET", StringComparison.OrdinalIgnoreCase);

    if (canRedirect && Redirect)
    {
      var builder = new UriBuilder
      {
        Scheme = "https",
        Host = filterContext.HttpContext.Request.Url.Host,
        Path = filterContext.HttpContext.Request.RawUrl
      };
      filterContext.Result = new RedirectResult(builder.ToString());
    }
    else
    {
      throw new HttpException(0x193, "Access forbidden. The requested resource requires an SSL connection.");
    }
#endif
  }
}

Obviously we compile in RELEASE for this case.

Does anybody have any idea, what could cause this strange exception and how to get rid of it?

© Stack Overflow or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about asp.net-mvc

Related posts about https

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle