We are having problems with partial views after migrating to .net 5. The main page will optionally render a custom partial view to allow per-customer customizations. After migrating we are unable to render these partial views. the error message is:
InvalidOperationException: The partial view ~/Resources/Customer/Views/File.cshtml was not found. The following locations were searched: ~/Resources/Customer/Views/File.cshtml
We know the path is valid because if we rename the file the page renders (without customizations). If we debug in visual studio the page renders as expected but in a deployed IIS server it fails. We suspect there is a permissions issue but we have been unable to find it. So far we haven't been able to find anything in google searches or SO
Here is a snippet where we handle the custom file:
// load file path from config
string url = configuration.OrderPageSetting["OrderInfoViewRenderFile"];
bool exists = false;
// determine the path
if (!string.IsNullOrWhiteSpace(url))
{
string _url = url;
if (_url.StartsWith("~/")) _url = _url.Substring(2);
else if (_url.StartsWith("/")) _url = _url.Substring(1);
exists = System.IO.File.Exists(System.IO.Path.Combine(Resource.SystemDirectory, _url));
}
// test for and render custom view
if (exists)
{
var data = new ViewDataDictionary<object>(new EmptyModelMetadataProvider(), new ModelStateDictionary());
data.Add("Order", order);
data.Add("Config", configuration);
await Html.RenderPartialAsync(url, data);
}
else
{
... default rendering ...
}
The application is hosted in a virtual directory with a dedicated application pool. This problem occurs without a web.config at the site level. On the same server, the prior .net framework version of the application works correctly.
here is the applications web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\myapp.dll" stdoutLogEnabled="false" hostingModel="InProcess" stdoutLogFile=".\logs\stdout">
<environmentVariables>
<environmentVariable name="ASPNETCORE_ENVIRONMENT" value="Development" />
</environmentVariables>
</aspNetCore>
</system.webServer>
</location>
</configuration>
A co-worker found the solution the problem, the clue was in https://weblog.west-wind.com/posts/2019/Sep/30/Serving-ASPNET-Core-Web-Content-from-External-Folders
There were 2 changes required:
Add package: Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation
called extension to support runtime complication on the controllers/views:
services.AddControllersWithViews().AddRazorRuntimeCompilation(opt =>
{
opt.FileProviders.Add(
new PhysicalFileProvider(System.IO.Path.Combine(Environment.ContentRootPath, ""))
);
})
if you want to change where the dynamic compilation is supported, simply change the "" to the path where it is permitted.
Framework asp.net core 2.2 -
After developing and managed to get the Windows logged in user in the local host (IIS express):
[Route("getUser")]
[HttpGet]
public IActionResult GetUser()
{
var NullUser = User.Identity.Name; //return null
var currentUser = System.Security.Principal.WindowsIdentity.GetCurrent();
return Ok(currentUser.Name);
}
and LaunchSettings.json:
"iisSettings":{
"windowsAuthentication": false,
"anonymousAuthentication": true
...
}
So far, so good !
Now - I'm publishing the application to an IIS, with the web.config:
<system.web>
<authentication mode="Windows"></authentication>
<identity impersonate="false" /> //This is because I'm getting the username by code
</system.web>
<system.webServer>
<aspnetCore processPath=....... forwardWindowsAuthToken="true" hsotingModel="InProcess">
</aspnetCore>
<security>
<authentication>
<anonymousAuthentication enabled ="false" />
<windowsAuthentication enabled ="true" />
</authentication>
</security>
</system.webServer>
These are the basic properties of the application pool which the application works with:
.NET CLR version: No Managed Code
Managed pileline mode: Integradted
Advanced:
Process Model:
Identity: ApplicationPoolIdentity
And then, when running the application, I'm getting error 500.19 pointing on the authentication section (ignore typo errors - it is free text writing - not copy + paste):
AnonymousAuthenticationModule
Config error
This configuration section cannot be used at this path. This happens when the section is
locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set
explicitly by a location tag with overrideMode="Deny"; ot the legacy allowOverride="false"/
Config Source:
<authentication>
<anonymousAuthentication enabled ="true" />
<windowsAuthentication enabled ="true" />
web.config.png
I am pretty sure "anonymousAuthentication enabled" should be set to false.
https://learn.microsoft.com/en-us/iis/configuration/system.webserver/security/authentication/windowsauthentication/
As #Lex Li mentioned - the problem was configuration line items which are irrelevant to ASP.NET core, but to ASP.NET 4.5 - I removed them as he advised
Currently, I am working with Asp.Net Core and MVC6 need to upload file size unlimited. I have searched its solution but still not getting the actual answer.
I have tried this link
If anyone have any idea please help.
Thanks.
The other answers solve the IIS restriction. However, as of ASP.NET Core 2.0, Kestrel server also imposes its own default limits.
Github of KestrelServerLimits.cs
Announcement of request body size limit and solution (quoted below)
MVC Instructions
If you want to change the max request body size limit for a specific MVC action or controller, you can use the RequestSizeLimit attribute. The following would allow MyAction to accept request bodies up to 100,000,000 bytes.
[HttpPost]
[RequestSizeLimit(100_000_000)]
public IActionResult MyAction([FromBody] MyViewModel data)
{
[DisableRequestSizeLimit] can be used to make request size unlimited. This effectively restores pre-2.0.0 behavior for just the attributed action or controller.
Generic Middleware Instructions
If the request is not being handled by an MVC action, the limit can still be modified on a per request basis using the IHttpMaxRequestBodySizeFeature. For example:
app.Run(async context =>
{
context.Features.Get<IHttpMaxRequestBodySizeFeature>().MaxRequestBodySize = 100_000_000;
MaxRequestBodySize is a nullable long. Setting it to null disables the limit like MVC's [DisableRequestSizeLimit].
You can only configure the limit on a request if the application hasn’t started reading yet; otherwise an exception is thrown. There’s an IsReadOnly property that tells you if the MaxRequestBodySize property is in read-only state, meaning it’s too late to configure the limit.
Global Config Instructions
If you want to modify the max request body size globally, this can be done by modifying a MaxRequestBodySize property in the callback of either UseKestrel or UseHttpSys. MaxRequestBodySize is a nullable long in both cases. For example:
.UseKestrel(options =>
{
options.Limits.MaxRequestBodySize = null;
or
.UseHttpSys(options =>
{
options.MaxRequestBodySize = 100_000_000;
You're probably getting a 404.13 HTTP status code when you upload any file over 30MB. If you're running your ASP.Net Core application in IIS, then the IIS pipeline is intercepting your request before it hits your application.
Update your web.config:
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false"/>
<!-- Add this section for file size... -->
<security>
<requestFiltering>
<!-- Measured in Bytes -->
<requestLimits maxAllowedContentLength="1073741824" /> <!-- 1 GB-->
</requestFiltering>
</security>
</system.webServer>
Previous ASP.Net applications also needed this section, but it's not needed anymore in Core as your requests are handled by middleware:
<system.web>
<!-- Measured in kilobytes -->
<httpRuntime maxRequestLength="1048576" />
</system.web>
Maybe I am late here but here is the complete solution for uploading a file with a size of more than 30.0 MB in ASP.NET Core Version >=2.0:
You need to do the following three steps:
1. IIS content length limit
The default request limit (maxAllowedContentLength) is 30,000,000 bytes, which is approximately 28.6 MB. Customize the limit in the web.config file:
<system.webServer>
<security>
<requestFiltering>
<!-- Handle requests up to 1 GB -->
<requestLimits maxAllowedContentLength="1073741824" />
</requestFiltering>
</security>
</system.webServer>
Note: without this application running on IIS would not work.
2. ASP.NET Core Request length limit
For application running on IIS:
services.Configure<IISServerOptions>(options =>
{
options.MaxRequestBodySize = int.MaxValue;
});
For application running on Kestrel:
services.Configure<KestrelServerOptions>(options =>
{
options.Limits.MaxRequestBodySize = int.MaxValue; // if don't set default value is: 30 MB
});
3. Form's MultipartBodyLengthLimit
services.Configure<FormOptions>(options =>
{
options.ValueLengthLimit = int.MaxValue;
options.MultipartBodyLengthLimit = int.MaxValue; // if don't set default value is: 128 MB
options.MultipartHeadersLengthLimit = int.MaxValue;
});
Adding all the above options will solve the problem related to the file upload with a size of more than 30.0 MB.
In ASP.NET Core 1.1 project that created by Visual Studio 2017, if you want to increase upload file size. You need to create web.config file by yourself, and add these content:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<security>
<requestFiltering>
<!-- 1 GB -->
<requestLimits maxAllowedContentLength="1073741824" />
</requestFiltering>
</security>
</system.webServer>
</configuration>
In Startup.cs file, add these content:
public void ConfigureServices(IServiceCollection services)
{
services.Configure<FormOptions>(x =>
{
x.ValueLengthLimit = int.MaxValue;
x.MultipartBodyLengthLimit = int.MaxValue;
x.MultipartHeadersLengthLimit = int.MaxValue;
});
services.AddMvc();
}
In your startup.cs configure FormsOptions Http Feature:
public void ConfigureServices(IServiceCollection services)
{
services.Configure<FormOptions>(o => // currently all set to max, configure it to your needs!
{
o.ValueLengthLimit = int.MaxValue;
o.MultipartBodyLengthLimit = long.MaxValue; // <-- !!! long.MaxValue
o.MultipartBoundaryLengthLimit = int.MaxValue;
o.MultipartHeadersCountLimit = int.MaxValue;
o.MultipartHeadersLengthLimit = int.MaxValue;
});
}
UseIHttpMaxRequestBodySizeFeature Http Feature to configure MaxRequestBodySize
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.Use(async (context, next) =>
{
context.Features.Get<IHttpMaxRequestBodySizeFeature>().MaxRequestBodySize = null; // unlimited I guess
await next.Invoke();
});
}
Kestrel:
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.UseStartup<Startup>().UseKestrel(o => o.Limits.MaxRequestBodySize = null);
});
IIS --> web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<!-- ~ 2GB -->
<httpRuntime maxRequestLength="2147483647" /> // kbytes
</system.web>
<system.webServer>
<security>
<requestFiltering>
<!-- ~ 4GB -->
<requestLimits maxAllowedContentLength="4294967295" /> // bytes
</requestFiltering>
</security>
</system.webServer>
</configuration>
Http.sys:
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.UseStartup<Startup>().UseHttpSys(options =>
{
options.MaxRequestBodySize = null;
});
});
If you want to upload a very large file, potentially several GB large and you want to buffer it into a `MemoryStream` on the server, you will get an error message `Stream was too long`, because the capacity of the `MemoryStream` is `int.MaxValue`.
You would ahve to implement your own custom MemoryStream class.
But anyway, buffering such large files makes no sense.
Using a web.config might compromise the architecture of .NET core and you might face problem while deploying the solution on Linux or on Mac.
Better is to use the Startup.cs for configuring this setting: Ex:
services.Configure<FormOptions>(x =>
{
x.ValueLengthLimit = int.MaxValue;
x.MultipartBodyLengthLimit = int.MaxValue; // In case of multipart
});
Here is a correction:
You need to add web.config as well because when the request hits the IIS then it will search for the web.config and will check the maxupload length: sample :
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<security>
<requestFiltering>
<!-- 1 GB -->
<requestLimits maxAllowedContentLength="1073741824" />
</requestFiltering>
</security>
In my case, I needed to increase the file upload size limit, but for a single page only.
The file upload size limit is a security feature, and switching it off or increasing it globally often isn't a good idea. You wouldn't want some script kiddie DOSing your login page with extremely large file uploads. This file upload limit gives you some protection against that, so switching it off or increasing it globally isn't always a good idea.
So, to increase the limit for a single page instead of globally:
(I am using ASP.NET MVC Core 3.1 and IIS, Linux config would be different)
1. Add a web.config
otherwise IIS (or IIS Express, if debugging in Visual Studio) will block the request with a "HTTP Error 413.1 - Request Entity Too Large" before it even reaches your code.
Note the "location" tag, which restricts the upload limit to a specific page
You will also need the "handlers" tag, otherwise you will get a HTTP 404 error when browsing to that path
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="SomeController/Upload">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<security>
<requestFiltering>
<!--unit is bytes => 500 Mb-->
<requestLimits maxAllowedContentLength="524288000" />
</requestFiltering>
</security>
</system.webServer>
</location>
</configuration>
Next you will need to add the RequestSizeLimit attribute to your controller action, since Kestrel has its own limits too.
(you can instead do it via middleware as per other answers if you prefer)
[HttpPost]
[RequestSizeLimit(500 * 1024 * 1024)] //unit is bytes => 500Mb
public IActionResult Upload(SomeViewModel model)
{
//blah blah
}
and for completeness (if using MVC), your view and view model could look like this:
view
<form method="post" enctype="multipart/form-data" asp-controller="SomeController" asp-action="Upload">
<input type="file" name="#Model.File" />
</form>
View Model
public class SomeViewModel
{
public IFormFile File { get; set; }
}
and, if you are uploading files greater than 128Mb via form post, you may run in to this error too
InvalidDataException: Multipart body length limit 134217728 exceeded.
So on your controller action you could add the RequestFormLimits attribute
[HttpPost]
[RequestSizeLimit(500 * 1024 * 1024)] //unit is bytes => 500Mb
[RequestFormLimits(MultipartBodyLengthLimit = 500 * 1024 * 1024)]
public IActionResult Upload(SomeViewModel model)
{
//blah blah
}
In your web.config:
<system.webServer>
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="2147483648" />
</requestFiltering>
</security>
</system.webServer>
Manually edit the ApplicationHost.config file:
Click Start. In the Start Search box, type Notepad. Right-click Notepad, and then click "Run as administrator".
On the File menu, click Open. In the File name box, type "%windir%\system32\inetsrv\config\applicationhost.config", and then click Open.
In the ApplicationHost.config file, locate the <requestLimits> node.
Remove the maxAllowedContentLength property. Or, add a value that matches the size of the Content-Length header that the client sends as part of the request. By default, the value of the maxAllowedContentLength property is 30000000.
Save the ApplicationHost.config file.
I will add this for completeness for other unlucky lads like me that ended up here, Source
In Startup.cs:
services.Configure<FormOptions>(options =>
{
options.MultipartBodyLengthLimit = 60000000;
});
Using Visual Studio 2022 (v 17.1.6) and .net core 6, I did not need to change anything in the Program.cs class. I only needed to add these two attributes (in addition to [HttpPost] and [Route]) to my controller method while running locally to accept a 100MB upload:
[RequestSizeLimit(100 * 1024 * 1024)]
[RequestFormLimits(MultipartBodyLengthLimit = 100 * 1024 * 1024)]
If you have scrolled down this far, that means you have tried above solutions. If you are using latest NET CORE versions (5.., 6..) and using IIS for hosting do this.
Add the web.config file to your project and then add the following code there:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<security>
<requestFiltering>
<!-- Handle requests up to 1 GB -->
<requestLimits maxAllowedContentLength="1073741824" />
</requestFiltering>
</security>
</system.webServer>
</configuration>
Set up the Form Options and IIS Server Options in your Startup.cs file like this:
services.Configure<IISServerOptions>(options =>
{
options.MaxRequestBodySize = int.MaxValue;
});
services.Configure<FormOptions>(o =>
{
o.ValueLengthLimit = int.MaxValue;
o.MultipartBodyLengthLimit = int.MaxValue;
o.MultipartBoundaryLengthLimit = int.MaxValue;
o.MultipartHeadersCountLimit = int.MaxValue;
o.MultipartHeadersLengthLimit = int.MaxValue;
o.BufferBodyLengthLimit = int.MaxValue;
o.BufferBody = true;
o.ValueCountLimit = int.MaxValue;
});
I was trying to upload a big file but somehow the file wasn't reaching the controller action method and the parameters including the file one was still null like this:
[HttpPost]
public async Task<IActionResult> ImportMedicalFFSFile(
Guid operationProgressID,
IFormFile file, // <= getting null here
DateTime lastModifiedDate)
{
...
}
What fixed it was adding the [DisableRequestSizeLimit] attribute to the action method or the entire controller\BaseController if you prefer:
[DisableRequestSizeLimit]
public class ImportedFileController : BaseController
{
...
}
More info here:
DisableRequestSizeLimitAttribute Class
I've hosted asp.net MVC 4 + WebAPI in IIS 7.5 with windows authentication. When I call the WebAPI from MVC4 view, it gives me 401 unauthorized error. But it works perfectly fine from my localhost.
I've set the principal in both the places (Thread.CurrentPrincipal & HttpContext.Current.User) from my AuthenticationModule class.
I tried with System.Web.HTTP AuthorizeAttribute.
When I debug with Jquery console, i could see the context principal is null.
Let me know the following.
IIS hosting configuration?
How to design the WebAPI authenticate/authorize calls from views?
Could you show me how are you calling the web api? If you are calling it with an
httpclient you should provide a handler. I show you below:
var handler = new HttpClientHandler()
{
UseDefaultCredentials = true
};
var client = new HttpClient(handler);
Something wrong in my handler registration; I forgot to add it under system.webServer;
Actual configuration:
<configuration>
<system.web>
<httpModules>
<add .........../>
</httpModules>
</system.web>
</configuration
Added configuration:
<configuration>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
<add .........../>
</modules>
</system.webServer>
</configuration
I have deployed an MVC3 and WCF web service as a single application. Both work as expected. GET and POST requests work perfectly, but the PUT and DELETE requests return 404 errors. These work fine locally. Initially it was requesting a username/password for PUT/DELETE requests.
Here is my WebServer config from my web.config file
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAVModule" />
</handlers>
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" users="*"
verbs="GET,HEAD,POST,DEBUG,PUT,DELETE" />
</authorization>
</security>
</system.webServer>
Here are my PUT and DELETE methods:
[OperationContract]
[WebInvoke(UriTemplate = "{id}", Method = "PUT")]
public MyResource Put(MyResource updatedResource, int id)
{
MyResource existingResource = Database.GetResourceById(id);
existingResource.Name = updatedResource.Name;
Database.SaveResource(existingResource);
return existingResource;
}
[OperationContract]
[WebInvoke(UriTemplate = "{id}", Method = "DELETE")]
public MyResource Delete(int id)
{
MyResource sampleResource = Database.DeleteResourceById(id);
return sampleResource;
}
My set up:
.NET 4.0
MVC3
IIS 7.0
Note: I am on a shared hosting plan, therefore do not have direct access to IIS7.0 a so I need to make changes via the web.config file.
Enable Tracing on your service and see why you get a 404 error when you try for a PUT or DELETE action.