I am using an ASP.NET web application which passes session IDs in the URL string. There is a strange bug that I believe is to do something with server configuration, but I'm getting damaged.
Page A has a URL string that looks very much like this:
When you click on a button then goes to page B , Which displays some information when you click on exit on the page that takes you back to the page but note how it transfers session IDs to the URL behind NTPSWeb:
< P>It leaves me with a page error saying:
"You are not authorized to view this page.
You do not have permission to use the credentials you give to this directory or page.
Please try the following:
If you believe that you should be able to view this directory or page, then contact the web site administrator. Click the Refresh button to try again with different credentials. Ruti 403 - Forbidden: Access to technical information (support personnel)
Go to Microsoft Product Support Services and the words HTTP and title search for 403. Open IIS support, search for topics that are accessible in the IIS Manager (inetmgr), and titles about security, authentication, and custom error messages. "
The strange thing is that it works on the production server and it works only with the session ID running in the string, OK, if I have backed up the session ID and after this error I put it:
It loads properly. Then, it works fine in production, just does not work on the QA server.
Thanks for the response, this is not a one-time issue, because as I said I have done the session ID up in the url, it works again, so the data is still there.
The exit button code is in Javascript and it is as follows:
& lt; script type = "text / javascript" & gt; function ExecFuncInMain (id, arg) {// warning ('test' id); var o = window.top._mainWindow .document.all [id]; if (o! = Null) {var s = o.onclick + ""; // warning (s); if (s! = Null & amp; = 'null') {s Replace ("\ n", "" ("" ""). Replace ("\", "" " "") .replace ("\ n", ""). Replace ("{", ""). Replace ("}", ""); S = "window.top._mainWindow." + S.replace ("Function Anonymous ( ) ""; "") And s = s.replace ('null', ''); s = s + "window.top._mainWindow .__ doPostBack ('" + o.id + "' , ''); "; // warning (s); eval (s);} and warning (" the object is empty ");}
Configure the web and ensure that something is set to false, so something looks like:
& Lt; sessionState mode = "inProc" cookieless = "false" timeout = "400"> 
Comments
Post a Comment