我有一个非常奇怪的问题,它只影响我在特定控制器中的一个操作。
此控制器中的所有其他操作都很好,但是当我发布一个特定操作的视图时,我收到错误:
HTTP错误403.0 - ModSecurity操作您没有权限 查看此目录或页面。
这让我感到困惑,因为所有观点都以类似的方式发布,并使用相同的web.config文件。
我的观点:
<form action="/Admin/EditMenus" method="Post" class="form-horizontal">
....standard form controls in here.....
</form>
我的控制器:
[HttpPost]
public ActionResult EditMenus(string mondayWeek1RegularDescription,
string mondayWeek1RegularCost,
string mondayWeek1VegetarianDescription,
string mondayWeek1VegetarianCost,
string mondayWeek1NocarbDescription,
string mondayWeek1NocarbCost,
string mondayWeek1KiddiesDescription,
string mondayWeek1KiddiesCost,
string tuesdayWeek1RegularDescription,
string tuesdayWeek1RegularCost,
string tuesdayWeek1VegetarianDescription,
string tuesdayWeek1VegetarianCost,
string tuesdayWeek1NocarbDescription,
string tuesdayWeek1NocarbCost,
string tuesdayWeek1KiddiesDescription,
string tuesdayWeek1KiddiesCost,
string wednesdayWeek1RegularDescription,
string wednesdayWeek1RegularCost,
string wednesdayWeek1VegetarianDescription,
string wednesdayWeek1VegetarianCost,
string wednesdayWeek1NocarbDescription,
string wednesdayWeek1NocarbCost,
string wednesdayWeek1KiddiesDescription,
string wednesdayWeek1KiddiesCost,
string thursdayWeek1RegularDescription,
string thursdayWeek1RegularCost,
string thursdayWeek1VegetarianDescription,
string thursdayWeek1VegetarianCost,
string thursdayWeek1NocarbDescription,
string thursdayWeek1NocarbCost,
string thursdayWeek1KiddiesDescription,
string thursdayWeek1KiddiesCost,
string fridayWeek1RegularDescription,
string fridayWeek1RegularCost,
string fridayWeek1VegetarianDescription,
string fridayWeek1VegetarianCost,
string fridayWeek1NocarbDescription,
string fridayWeek1NocarbCost,
string fridayWeek1KiddiesDescription,
string fridayWeek1KiddiesCost,
string mondayWeek2RegularDescription,
string mondayWeek2RegularCost,
string mondayWeek2VegetarianDescription,
string mondayWeek2VegetarianCost,
string mondayWeek2NocarbDescription,
string mondayWeek2NocarbCost,
string mondayWeek2KiddiesDescription,
string mondayWeek2KiddiesCost,
string tuesdayWeek2RegularDescription,
string tuesdayWeek2RegularCost,
string tuesdayWeek2VegetarianDescription,
string tuesdayWeek2VegetarianCost,
string tuesdayWeek2NocarbDescription,
string tuesdayWeek2NocarbCost,
string tuesdayWeek2KiddiesDescription,
string tuesdayWeek2KiddiesCost,
string wednesdayWeek2RegularDescription,
string wednesdayWeek2RegularCost,
string wednesdayWeek2VegetarianDescription,
string wednesdayWeek2VegetarianCost,
string wednesdayWeek2NocarbDescription,
string wednesdayWeek2NocarbCost,
string wednesdayWeek2KiddiesDescription,
string wednesdayWeek2KiddiesCost,
string thursdayWeek2RegularDescription,
string thursdayWeek2RegularCost,
string thursdayWeek2VegetarianDescription,
string thursdayWeek2VegetarianCost,
string thursdayWeek2NocarbDescription,
string thursdayWeek2NocarbCost,
string thursdayWeek2KiddiesDescription,
string thursdayWeek2KiddiesCost,
string fridayWeek2RegularDescription,
string fridayWeek2RegularCost,
string fridayWeek2VegetarianDescription,
string fridayWeek2VegetarianCost,
string fridayWeek2NocarbDescription,
string fridayWeek2NocarbCost,
string fridayWeek2KiddiesDescription,
string fridayWeek2KiddiesCost,
string week1StartDate,
string week2StartDate,
string orderBy,
string menuStart,
string menuEnd
){
...standard control posting to model...
return View();
}
我的错误说它必须与IIS相关但事实上同一控制器中的其他操作工作得很好而且只是这个告诉我其他的东西....就像我说这在本地工作正常但在服务器上给出错误。
答案 0 :(得分:2)
通过FTP转到web.config并在web.config中写下以下行:
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<ModSecurity enabled="false" configFile="C:\inetpub\wwwroot\owasp_crs\modsecurity.conf" />
</system.webServer>
答案 1 :(得分:0)
As @Sippy suggested the issue was with rules in ModSecurity that the hosting company did not configure correctly.
Thanks again.
I also learnt about view models today lol