asp.net mvc and vulnerability issue RRS feed

  • Question

  • User-2071078018 posted

    Hi to all,

    i have implemented several asp.net mvc web apps with the following guidelines:

    - Catch all invalid urls on the global.asax and redirect to ErrorControlle -> Error action

    - Inside the Error action return the View result in order to redirect to the Error.aspx view page under Views/Shared folder.

    In order to implement ScottGu's instructions, i have removed the global route "catch all invalid urls" rule, commented the ErrorController code, and added the custom errors node in the web.config file

    <customErrors mode="On" redirectMode="ResponseRewrite" defaultRedirect="~/Error.aspx" />

    I cannot get this working though, since i get 404, resource not found or controller action exceptions generic error pages, according to the invalid url i type.

    Could anyone provide some guide of what someone could do in order to implement the workaround in an asp.net mvc web app?

    thanks in advance,


    Wednesday, September 22, 2010 11:36 AM