我有一个Web API,可以完美地开发所有类型的HTTP请求(在同一个控制器上),一旦我将它移动到生产(共享服务器,我甚至无法访问它){ {1}}请求停止工作(其他人工作正常),我收到404错误:
请求 网址https://www.example.com:443/ 拒绝了UrlScan~ / API / Users / DeleteUser / 1
物理路径d:\ xx \ yy \ example.com \ Rejected-By-UrlScan
登录方法匿名
登录用户匿名
这是web.config的一部分:
DELETE
删除操作:
<system.web>
<customErrors mode="Off"/>
<authentication mode="None" />
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<remove name="OPTIONSVerbHandler" />
<remove name="TRACEVerbHandler" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
和AJAX电话:
[Authorize]
[RoutePrefix("Users")]
public class UsersController : ApiController
{
[HttpDelete]
[Route("DeleteUser/{id:int}")]
public void Delete(int id)
{
_UsersRepository.Delete(id);
}
WebApiConfig.cs:
deleteUser = function (id, callback) {
$.ajax({
url: "../API/Users/DeleteUser/" + id,
type: "DELETE",
success: function () {
callback;
}
});
}
同一个Controller上的工作调用示例:
public static void Register(HttpConfiguration config)
{
// Web API configuration and services
// Configure Web API to use only bearer token authentication.
config.SuppressDefaultHostAuthentication();
config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
// Web API routes
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "{controller}/{id}",
defaults: new { id = RouteParameter.Optional }
);
//create json formatter and remove all others
var jsonFormatter = config.Formatters.OfType<JsonMediaTypeFormatter>().First();
jsonFormatter.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver();
jsonFormatter.SerializerSettings.Formatting = Newtonsoft.Json.Formatting.Indented;
config.Formatters.Remove(config.Formatters.FormUrlEncodedFormatter);
config.Formatters.Remove(config.Formatters.XmlFormatter);
}
动作:
getUsers = function (callback) {
$.get("../API/Users/GetUsers/", callback);
}
答案 0 :(得分:4)
在IIS中,您是否配置了URLScan扩展名?
https://www.iis.net/downloads/microsoft/urlscan
UrlScan是一种安全工具,限制IIS将处理的HTTP请求类型。
&#34;拒绝了UrlScan&#34;在您的网址中建议您可以将扩展程序配置为拒绝&#34;删除&#34;请求。
您可以向托管IIS的服务器管理员询问是否在IIS中配置了删除请求。
答案 1 :(得分:1)
JS代码段中的URL错误。它应该是
deleteUser = function (id, callback) {
$.ajax({
url: "[Application_Path]/Users/DeleteUser/" + id,
type: "DELETE",
success: function () {
callback;
}
});
}
[RoutePrefix("Users")] overrides the default routing, so there should be no "API" in the URL.
您应该删除[Application_Path]并输入您的虚拟目录名称或使用@Url.Action
答案 2 :(得分:1)
我必须让它工作,所以我将请求的类型从DELETE
更改为POST
并且它完美运行:
[Authorize]
[RoutePrefix("Users")]
public class UsersController : ApiController
{
[HttpPost]
[Route("DeleteUser/{id:int}")]
public void Delete(int id)
{
_UsersRepository.Delete(id);
}
deleteUser = function (id, callback) {
$.ajax({
url: "../API/Users/DeleteUser/" + id,
type: "POST",
success: function () {
callback;
}
});
}