I'm working on some error handling in my MVC app, and I'd like to change asperrorpath to something that doesn't give away the fact that I'm using .NET... something like path
Can anyone give me some direction on how to change that out?
-
Hello rockinthesixstring. Have you found the answer to this yet? I'd like to do this too! Anyone? Anyone? +1Funka– Funka2010-06-26 02:12:01 +00:00Commented Jun 26, 2010 at 2:12
-
Sorry, you're fooling yourself i you think it's not trivial to know if a site is running asp.net. asp.net and mvc both have very strong telltale signs thatdoesn't take much effort to figure out, and this is built in to the way that requests are handled so there is no configuration or other change you can make that will hide itErik Funkenbusch– Erik Funkenbusch2012-03-18 19:48:26 +00:00Commented Mar 18, 2012 at 19:48
-
@MystereMan, not trying to hide it, just don't want it totally obvious either.Chase Florell– Chase Florell2012-08-20 19:37:38 +00:00Commented Aug 20, 2012 at 19:37
-
I use javascript like "if (location.search != "") { window.location.href = "/404.html"; } "Diogo Cid– Diogo Cid2014-12-11 18:08:09 +00:00Commented Dec 11, 2014 at 18:08
Add a comment
|
5 Answers
Add redirectMode="ResponseRewrite" to the customErrors section. That worked for me.
1 Comment
Johnny Oshika
Warning: You can only use ResponseRewrite if you're redirecting to a file on the server and not using MVC routes to your error page: stackoverflow.com/a/3770265/188740
my wprk around is using
route.MapRoute("NotFound", "{*url}", new {controller = "Home", action = "NotFound"})
At the bottom most, which I have NotFound action in HomeController.
It will simply catch all other urls.
2 Comments
Chase Florell
nope. I don't care about the URL (I already have that taken care of)... but the querystring for the returnUrl is currently
?asperrorpath=http... whereby everyone knows I'm using .net (not saying it's a bad thing). I'd just like to change the item to ?go=http.... Which I've already done. I'll post my solution later in the day.
CallMeLaNN
Yeah I found so many trick, this is what I think the best. If using this way, you need to turn
On (or RemoteOnly) customError but don't define any 404 redirection etc in the web.config, the "{*url}" will catch it. I am using MVC 3. Not sure about previous version. I will never get the ?asperrorpath=The are many ways you can solve your problem. It depends what you want.
- You can edit section in your web.config And write default link for redirecting on error and also specify different links for different error like
<error statusCode="403" redirect="NoAccess.htm" /> - You can use HandleError attribute for your Controller/Actions. You can read about it here.
Comments
By supplying custom query string, your aspxerrorpath won't show up.
Check the original answer from this link: how to prevent “aspxerrorpath”
1 Comment
alex
I guess so, but say you want to redirect to your website's home page on a 404 - if you specify
redirect="~/?" in the web.config, your URL will look like http://localhost:51437/? - which is sort of ugly and may not meet your project's requirements.Just add dummy query string to your .htm pages as below.
<customErrors mode="On" defaultRedirect="errorpage.htm?error=1" >
<error statusCode="404" redirect="filenotfound.htm?error=1" />
</customErrors>
Check with fiddler, the asperrorpath query string does not appear anymore and referrer of errorpage.htm is completely clean.
2 Comments
alex
What if you're redirecting to an MVC
.cshtml page instead of a normal HTML page? The MVC framework uses .cshtml files by default. Also, what if you have attribute-based routing set up?
Houssam Hamdan
This solution is good for errors that you cannot or are not handling through code. This is when asperrorpath query string appears. The main purpose is to not let sniffers discover the back-end technology you are using. You can always redirect your user to a controller action that returns an error view where asperrorpath is not appearing and you completely safe.