Create an account

Very important

  • To access the important data of the forums, you must be active in each forum and especially in the leaks and database leaks section, send data and after sending the data and activity, data and important content will be opened and visible for you.
  • You will only see chat messages from people who are at or below your level.
  • More than 500,000 database leaks and millions of account leaks are waiting for you, so access and view with more activity.
  • Many important data are inactive and inaccessible for you, so open them with activity. (This will be done automatically)

0Day Forums Coding Asp.Net Is there a way to check, programmatically, if an ASP.NET application's CustomErrors are set to Off?

Thread Rating:
  • 623 Vote(s) - 3.51 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Options
Is there a way to check, programmatically, if an ASP.NET application's CustomErrors are set to Off?

Offline Mrovertones992


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: May 2018
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#1
07-23-2023, 03:49 AM
We usually catch unhandled exceptions in Global.asax, and then we redirect to a nice friendly error page. This is fine for the Live environment, but in our development environment we would like to check if CustomErrors are Off, and if so, just throw the ugly error.

Is there an easy way to check if CustomErrors are Off through code?
Reply

Offline crossjacks954955


Member
*
Member
Posts: 0
Threads: 0
Joined: Nov 2020
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#2
07-23-2023, 04:08 AM
Yep, the through [`WebConfigurationManager`][1]:

System.Configuration.Configuration configuration =
System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration("/");

System.Web.Configuration.CustomErrorsSection section =
(CustomErrorsSection)configuration.GetSection("system.web/customErrors");

Once you have the section, you can check whether the mode is on or off as follows:

CustomErrorsMode mode = section.Mode;
if (mode == CustomErrorsMode.Off)
{
// Do something
}



[1]:

[To see links please register here]

Reply

Offline pyramids240985


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Nov 2020
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#3
07-23-2023, 04:10 AM
This should do the trick...

using System.Web.Configuration;
using System.Configuration;

// pass application virtual directory name
Configuration configuration = WebConfigurationManager.OpenWebConfiguration("/TestWebsite");
CustomErrorsSection section = (CustomErrorsSection)configuration.GetSection("system.web/customErrors");
CustomErrorsMode mode=section.Mode;

Reply

Offline aylaapbhzmmi


Luxury
*****
Luxury
Posts: 0
Threads: 0
Joined: Sep 2020
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#4
07-23-2023, 04:15 AM
I would suggest using the following property:

HttpContext.Current.IsCustomErrorEnabled

As mentioned [here][1], IsCustomErrorEnabled takes more things like RemoteOnly into consideration:

> The IsCustomErrorEnabled property combines three values to tell you
> whether custom errors are enabled for a particular request. This isn't
> as simple as reading the web.config file to check the <customErrors>
> section. There's a bit more going on behind the scenes to truly
> determine whether custom errors are enabled.
>
> The property looks at these three values:
>
> 1. The web.config's < deployment > section's retail property. This is a
> useful property to set when deploying your application to a production
> server. This overrides any other settings for custom errors.
>
> 2. The web.config's < customErrors > section's mode property. This setting
> indicates whether custom errors are enabled at all, and if so whether
> they are enabled only for remote requests.
>
> 3. The HttpRequest object's IsLocal property. If custom errors are enabled only for remote
> requests, you need to know whether the request is from a remote
> computer.


[1]:

[To see links please register here]

Reply

« Next Oldest
Next Newest »


Forum Jump:


Users browsing this thread:
1 Guest(s)

©0Day  2016 - 2023 | All Rights Reserved.  Made with    for the community. Connected through