Web API 404错误删除请求

时间:2017-07-12 10:04:15

标签: asp.net-web-api

我有一个Web API,可以完美地开发所有类型的HTTP请求(在同一个控制器上),一旦我将它移动到生产(共享服务器,我甚至无法访问它){ {1}}请求停止工作(其他人工作正常),我收到404错误:

  

请求   网址https://www.example.com:443/ 拒绝了UrlScan~ / API / Users / DeleteUser / 1

     

物理路径d:\ xx \ yy \ example.com \ Rejected-By-UrlScan

     

登录方法匿名

     

登录用户匿名

这是web.config的一部分:

DELETE

删除操作:

 <system.web>
    <customErrors mode="Off"/>
    <authentication mode="None" />
    <compilation debug="true" targetFramework="4.5" />
    <httpRuntime targetFramework="4.5" />
  </system.web>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true">
      <remove name="WebDAVModule" />
    </modules>
    <handlers>
      <remove name="WebDAV" />
      <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
      <remove name="OPTIONSVerbHandler" />
      <remove name="TRACEVerbHandler" />
      <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
    </handlers>
  </system.webServer>

和AJAX电话:

[Authorize]
[RoutePrefix("Users")]
public class UsersController : ApiController
    {
    [HttpDelete]
    [Route("DeleteUser/{id:int}")]
    public void Delete(int id)
    {
        _UsersRepository.Delete(id);
    }

WebApiConfig.cs:

deleteUser = function (id, callback) {
    $.ajax({
        url: "../API/Users/DeleteUser/" + id,
        type: "DELETE",
        success: function () {
            callback;
        }
    });
}

同一个Controller上的工作调用示例:

    public static void Register(HttpConfiguration config)
    {
        // Web API configuration and services
        // Configure Web API to use only bearer token authentication.
        config.SuppressDefaultHostAuthentication();
        config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));

        // Web API routes
        config.MapHttpAttributeRoutes();


        config.Routes.MapHttpRoute(
            name: "DefaultApi",
            routeTemplate: "{controller}/{id}",
            defaults: new { id = RouteParameter.Optional }
        );

        //create json formatter and remove all others
        var jsonFormatter = config.Formatters.OfType<JsonMediaTypeFormatter>().First();
        jsonFormatter.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver();
        jsonFormatter.SerializerSettings.Formatting = Newtonsoft.Json.Formatting.Indented;
        config.Formatters.Remove(config.Formatters.FormUrlEncodedFormatter);
        config.Formatters.Remove(config.Formatters.XmlFormatter);
    }

动作:

getUsers = function (callback) {
    $.get("../API/Users/GetUsers/", callback);
}

3 个答案:

答案 0 :(得分:4)

在IIS中,您是否配置了URLScan扩展名?

https://www.iis.net/downloads/microsoft/urlscan

  

UrlScan是一种安全工具,限制IIS将处理的HTTP请求类型

&#34;拒绝了UrlScan&#34;在您的网址中建议您可以将扩展程序配置为拒绝&#34;删除&#34;请求。

您可以向托管IIS的服务器管理员询问是否在IIS中配置了删除请求。

答案 1 :(得分:1)

JS代码段中的URL错误。它应该是

deleteUser = function (id, callback) {
    $.ajax({
        url: "[Application_Path]/Users/DeleteUser/" + id,
        type: "DELETE",
        success: function () {
            callback;
        }
    });
}

[RoutePrefix("Users")] overrides the default routing, so there should be no "API" in the URL.

您应该删除[Application_Path]并输入您的虚拟目录名称或使用@Url.Action

答案 2 :(得分:1)

我必须让它工作,所以我将请求的类型从DELETE更改为POST并且它完美运行:

[Authorize]
[RoutePrefix("Users")]
public class UsersController : ApiController
    {
    [HttpPost]
    [Route("DeleteUser/{id:int}")]
    public void Delete(int id)
    {
        _UsersRepository.Delete(id);
    }

deleteUser = function (id, callback) {
    $.ajax({
        url: "../API/Users/DeleteUser/" + id,
        type: "POST",
        success: function () {
            callback;
        }
    });
}