Had a question from a client which stumped me.

They are using IIS 6.0 and for some reason, instead of making a normal request for a page on their server which I'll call www.domain.com/Default.aspx someone typed www.domain.com/Default.aspx/randomstuff

It seems that IIS's response was to serve Default.aspx as normal, but, as far as the browser is concerned, the path is www.domain.com/Default.aspx/ rather than www.domain.com/ and thus all relative paths to CSS, images, etc. fail.

I looked at the traffic in Fiddler, and it seems that all of those image etc. requests, such as www.domain.com/Default.aspx/images/image.gif are ALSO returning the contents of Default.aspx, needless to say, not a valid image!

I don't believe they are doing anything special with URL rewriting, but just to be sure, I tried an experiment on a freshly created ASP.NET web application and the results were the same.

So what is causing IIS to pass a URL like /Default.aspx/randomstuff to the ASP.NET pipeline as a request for Default.aspx? And can it be stopped, and made to just throw a 404 as you'd expect?

+2  A: 

This is called the PathInfo component.

You can stop it like this:

// Reject any request that carries extra path segments after the page name.
if (!String.IsNullOrEmpty(Request.PathInfo))
    throw new HttpException(404, "Not Found");
SLaks
Also see the comment regarding "Check that file exists" in IIS at the bottom of the MSDN article.
Michael Stum
A: 

Yes, that's perfectly normal. Apache will do it too.

You can use it for routing, so you can have the URL /script.name/random/stuff instead of /script.name?page=random&section=stuff without having to set up URL rewriting.

Naturally the browser doesn't know that script.name is the real script, that random and stuff aren't really part of the path at the server-side. So all URLs will be relative to the random directory. Normally when you are writing an application with routing, you have to make sure you use rooted or absolute URLs throughout rather than relative URLs, for this reason.

"And can it be stopped, and made to just throw a 404 as you'd expect?"

Yes, as in SLaks's answer. However it would probably be better to send a 301 to the real address without the trailing Path Info parts.

bobince
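
The two options from the answers above (404, or a 301 to the address without the PathInfo tail) applied to every request in one place. This is an added example, not code from either answer; the module name PathInfoGuardModule and the RedirectToCanonical switch are hypothetical, and it sets the 301 by hand on the assumption that the site runs a pre-4.0 framework without Response.RedirectPermanent.

```csharp
using System;
using System.Web;

// Hypothetical module (not from the original answers): handles PathInfo site-wide.
public class PathInfoGuardModule : IHttpModule
{
    // true  = 301 to the page without the PathInfo tail
    // false = 404 for any request that carries PathInfo
    private static readonly bool RedirectToCanonical = true;

    public void Init(HttpApplication app)
    {
        app.BeginRequest += OnBeginRequest;
    }

    private static void OnBeginRequest(object sender, EventArgs e)
    {
        HttpContext ctx = ((HttpApplication)sender).Context;
        HttpRequest req = ctx.Request;

        // /Default.aspx/randomstuff -> FilePath "/Default.aspx", PathInfo "/randomstuff"
        if (String.IsNullOrEmpty(req.PathInfo))
            return; // ordinary request, nothing to do

        if (!RedirectToCanonical)
            throw new HttpException(404, "Not Found");

        // Build an absolute URL from the server-parsed parts only. The PathInfo
        // tail is never echoed back, and prefixing scheme and host keeps a path
        // that starts with "//" from being read as a scheme-relative URL.
        string target = req.Url.GetLeftPart(UriPartial.Authority)
                        + req.FilePath
                        + req.Url.Query; // "" or "?a=b"

        ctx.Response.StatusCode = 301;
        ctx.Response.StatusDescription = "Moved Permanently";
        ctx.Response.AddHeader("Location", target);
        ctx.Response.End();
    }

    public void Dispose() { }
}
```

On IIS 6 the module is registered with an add entry under system.web/httpModules in web.config. It only sees requests that IIS hands to ASP.NET, which includes the /Default.aspx/images/image.gif requests described in the question.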