Urls /lpt1 and /com1 cause IIS to render its own screen of death
Question
When running a recent SkipFish scan - we found that IIS (7.5) returns the following if you call /lptX or /comX (where X is a number 1-9).
Server Error in '/' Application.
The resource cannot be found.
Description: HTTP 404. The resource you ...[and so on]...
This is dispite the fact that we have custom [pretty] errors at the site-level and at the web server config level.
Try it on your IIS box now if you have one - http://localhost/lpt1 should do it.
I'm guessing this is a legacy thing from 'the good ol days' of LPT printers and mice connecting via COM ports. But it is slightly unsettling to see and area of IIS that I can't config.
Is it possible to force IIS to serve a custom 404 page even for these 'special' URLs?
2 answers
solution1
6 ACCPTED 2011-06-23 21:44:24
Until ASP.NET 4.0 it wasn't possible to use certain reserved filenames such as con , lpt , aux and so in on your urls:
This was a limitation of ASP.NET, not MVC.
However the good news is that it's now possible:
If you're not using ASP.NET 4.0, you should be able to catch these 404's using IIS7's own <httpErrors> configuration settings.
solution2
0 2016-06-15 13:52:00
With ASP .NET 3.5 you can use an url rewrite rule of the url rewrite module in order to change the url to a valid one.
The url rewite module is:
The Microsoft URL Rewrite Module 2.0 for IIS 7 and above enables IIS administrators to create powerful customized rules to map request URLs to friendly URLs that are easier for users to remember and easier for search engines to find
Something like:
<rewrite>
<rules>
<rule name="CON rewrite" stopProcessing="true">
<match url="(.*)/(con\.)(.*)" />
<action type="Redirect" url="{R:1}/con-{R:3}" redirectType="SeeOther" />
</rule>
</rules>
</rewrite>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.