Login/Register
Setting Context.Response.StatusCode does not seem to work
Asked Answered
Solved c#.nethttphttp-status-codes
P

4

7

I have an HttpHandler with the following code:

using System;
using System.Web;
using Company.Cms;
using Company.Web.Handlers.Console;


namespace Company.Web.Handlers
{
    /// <summary>
    /// Summary description for AdminHandler
    /// </summary>
    public class AdminHandler : IHttpHandler
    {
        public bool IsReusable
        {
            get
            {
                return false;
            }
        }

        public void ProcessRequest(HttpContext context)
        {
            HttpRequest request = context.Request;
            HttpResponse response = context.Response;
            string action = request.QueryString["action"];

            if (!HttpContext.Current.User.CanAdminister())
            {
                response.StatusCode = 403;
                response.Status = "403 Access Denied";
                response.End();
                return;
            }

            if (String.IsNullOrEmpty(action))
            {
                response.StatusCode = 404;
                response.Status = "404 Not Found";
                response.End();
                return;
            }

            IHttpHandler handler = null;
            switch (action)
            {
                case "menu":
                    handler = new MenuHandler();
                    break;
                case "tree":
                    handler = new TreeHandler();
                    break;
                case "grid":
                    handler = new GridHandler();
                    break;
                case "list":
                    handler = new ListHandler();
                    break;
                case "drop":
                    handler = new DropHandler();
                    break;
                case "edit":
                    handler = new EditHandler();
                    break;
                case "new":
                    handler = new InsertHandler();
                    break;
            }
            if (handler == null)
            {
                response.StatusCode = 404;
                response.Status = "404 Not Found";
                response.End();
            }
            else
            {
                handler.ProcessRequest(context);
            }
        }
    }
}

Unfortunately when I intentionally specify an invalid action, the browser just displays a blank page. Non of the browser error messages are displayed both in Firefox and IE.

What could I be doing wrong?

EDIT - IE shows the error message, but Firefox does not.

Pictogram answered 22/7, 2010 at 13:17 Comment(2)
What does firebug/fiddler tell you about the response?Due
Firebug shows the correct status. Does this mean that if I want the browser to display a message, I have to render it myself?Pictogram
D
8

Firebug shows the correct status. Does this mean that if I want the browser to display a message, I have to render it myself? – deverop

Absolutely it does. What the browser does based on an error code received is up to the browser. But you can still provide HTML to go along with the 404. Case in point... take a look at Stack Overflow's 404 page. That error message is entirely hand crafted.

Typically, however, you want to limit the amount of data returned from an error status; the more data you return from an erroneous request, the larger the surface of attack for denial of service.

Daile answered 22/7, 2010 at 14:29 Comment(0)
P
15

First Try this:

protected void Page_Load(object sender, EventArgs e)
{
    Response.StatusCode = 404;
    Response.SuppressContent = true;
    HttpContext.Current.ApplicationInstance.CompleteRequest();
}

:)~

Poulter answered 22/7, 2010 at 14:27 Comment(0)
D
8

Firebug shows the correct status. Does this mean that if I want the browser to display a message, I have to render it myself? – deverop

Absolutely it does. What the browser does based on an error code received is up to the browser. But you can still provide HTML to go along with the 404. Case in point... take a look at Stack Overflow's 404 page. That error message is entirely hand crafted.

Typically, however, you want to limit the amount of data returned from an error status; the more data you return from an erroneous request, the larger the surface of attack for denial of service.

Daile answered 22/7, 2010 at 14:29 Comment(0)
F
3

I had a similar problem, which occures in IIS 7.0 only. What you could also try is to set

Response.TrySkipIisCustomErrors = true;
Finally answered 17/2, 2014 at 10:20 Comment(0)
C
0

For 301 redirects use Response.RedirectPermanent().

For 302 redirects use Response.Redirect()

        if (isPermanentRedirect)
        {
            // 301 Redirect
            args.HttpContext.Response.RedirectPermanent(targetUrl);
        }
        else
        {
            // 302 Redirect
            args.HttpContext.Response.Redirect(targetUrl);
        }
Clinch answered 2/11, 2020 at 18:6 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.