IIS 7.5 updates to custom errors and compression

Looking at the number of people reaching my first blog post while searching for information on IIS 7.5, I figured I should do a few more posts on the changes coming in IIS 7.5. In this post I cover the new features that have been added to the compression and custom errors modules in IIS 7.5.

Changes to custom errors

1. The system.webServer/httpErrors section is made delegation safe
In IIS 7.0, the httpErrors section was not delegated by default, which meant site owners could not customize custom errors. The section was not delegated because, once it is, site owners are free to return any file they can read as a custom error response, which wasn’t secure. Server administrators can delegate the section securely using custom application pool identities and file ACLs, but that requires a lot of work. In IIS 7.5, if the system.webServer/httpErrors@allowAbsolutePathsWhenDelegated property is set to false, the custom errors module allows only paths relative to the site root folder (not absolute paths) when the section is delegated. If server administrators want to allow absolute paths in web.config files even when the section is delegated, they can set allowAbsolutePathsWhenDelegated to true. If allowAbsolutePathsWhenDelegated is set to false and an absolute path is detected in web.config, error 500.19 (configuration error) is generated with the detailed error description “Absolute physical path <folder> is not allowed in system.webServer/httpErrors section in web.config file.  Use relative path instead.” This restriction applies to the path and prefixLanguageFilePath properties but not to defaultPath. Here is how the httpErrors section looks if a site owner wants to configure localized custom errors when only relative paths are allowed.

<httpErrors>
    <clear/>
    <!-- Make module return %SITEROOT%\myerrorsfolder\%LANGUAGECODE%\401.htm -->
    <error statusCode="401" prefixLanguageFilePath="myerrorsfolder" path="401.htm" />
    <error …
</httpErrors>

With this feature, hosters can now easily delegate the custom errors section to site owners. Note that this feature will be available in Win2K8 SP2 as well.

2. Changes to default configuration
With the httpErrors section now delegation safe, the section is delegated in a fresh install. Because the behavior is controlled by the system.webServer/httpErrors@allowAbsolutePathsWhenDelegated property, this attribute is locked in the default configuration. This ensures that site owners cannot override the property to enable absolute file paths. Because the relative path restriction is not applied to the defaultPath property, system.webServer/httpErrors@defaultPath is locked as well and cannot be used in web.config files.
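
An added example (not code from the original post): a Python script a hoster could run over tenant web.config files to find httpErrors entries that would produce the 500.19 error described above once only relative paths are allowed. The function names and the sample web.config are constructed for illustration; treating UNC paths as absolute and checking path only when responseMode is File are assumptions.

```python
import ntpath
import xml.etree.ElementTree as ET

# Constructed sample web.config (not from the original post).
SAMPLE_WEB_CONFIG = r"""<configuration>
  <system.webServer>
    <httpErrors errorMode="Custom" defaultPath="C:\inetpub\custerr\default.htm">
      <clear />
      <error statusCode="401" prefixLanguageFilePath="myerrorsfolder" path="401.htm" />
      <error statusCode="403" prefixLanguageFilePath="C:\inetpub\custerr" path="403.htm" />
      <error statusCode="404" path="/errors/404.aspx" responseMode="ExecuteURL" />
      <error statusCode="500" path="\\fileserver\share\500.htm" responseMode="File" />
    </httpErrors>
  </system.webServer>
</configuration>"""


def is_absolute_windows_path(value):
    """True if the value has a drive or UNC prefix, or starts at the root."""
    drive, rest = ntpath.splitdrive(value)
    return bool(drive) or rest.startswith(("\\", "/"))


def audit_http_errors(web_config_xml):
    """Return (statusCode, attribute, value) tuples a delegated section would reject."""
    findings = []
    root = ET.fromstring(web_config_xml)
    for section in root.iter("httpErrors"):
        # defaultPath is locked in the default configuration, so any use
        # of it in a site's web.config is reported.
        if "defaultPath" in section.attrib:
            findings.append(("*", "defaultPath", section.get("defaultPath")))
        for err in section.iter("error"):
            # prefixLanguageFilePath names a folder on disk, so always check it.
            checked = ["prefixLanguageFilePath"]
            # Assumption: path is a physical file only for responseMode="File"
            # (the default); for ExecuteURL and Redirect it is a URL.
            if err.get("responseMode", "File").lower() == "file":
                checked.append("path")
            for attr in checked:
                value = err.get(attr, "")
                if value and is_absolute_windows_path(value):
                    findings.append((err.get("statusCode"), attr, value))
    return findings


if __name__ == "__main__":
    for status, attr, value in audit_http_errors(SAMPLE_WEB_CONFIG):
        print(f"{status}: {attr}={value!r}")
```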

Changes to compression

1. Changes to schema
If a file is too small, the compressed version can be larger than the original file. For this reason, the minimum file size for static compression (property system.webServer/httpCompression@minFileSizeForCompression) has been changed from 256 bytes to 2700 bytes. Also, the default value of system.webServer/urlCompression@doDynamicCompression is changed to true, which results in dynamic compression being enabled out of the box.

2. Changes to default configuration
The “application/atom+xml” and “application/xaml+xml” MIME types are added to the list of MIME types for which static compression is enabled by default.

3. Dynamically compressed response is flushed periodically
The system.webServer/httpCompression@dynamicCompressionBufferLimit property controls the maximum amount of dynamically compressed response IIS will buffer before forcing a flush to the client.

In addition to these changes in compression, we are looking into completely supporting compression scheme extensibility as there has been some interest in writing new compression schemes. I will update this post with details on that when I know for sure that we are doing it for IIS 7.5.


Hope this helps.
Kanwal

6 thoughts on “IIS 7.5 updates to custom errors and compression”

  1. Pingback: Bypassing 404 Error Page on IIS | Just in Chronicles

  2. Thank you for posting this. I just ran into a problem with custom errors after moving a site to IIS 7.5, and this helped me resolve it quickly!

  3. Hi

    Can you give a specific example of your custom error page.
    In my case my error pages are in
    C:\inetpub\custerr\en-US

    So using your example I place my custom 401.1 page in the custerr directory
    My web.config on my test site looks like

    <httpErrors errorMode="Custom">
        <error statusCode="401" subStatusCode="1" prefixLanguageFilePath="" path="custerr/Adelphi401-1.htm" responseMode="File" />
    </httpErrors>
    Ok, I attempt to login to my test site with an invalid password.  I see from the iis7 logs that I get a 401.1 error but I don't redirect to my custom page?
    Regards

    Daniel

  4. Hi
    I noticed my web.config was incorrect but unfortunately the results are the same.

    <httpErrors errorMode="Custom">
        <error statusCode="401" subStatusCode="1" prefixLanguageFilePath="custerr" path="My401-1.htm" responseMode="File" />
    </httpErrors>

  5. Pingback: Somewhere in here there is a way to display 500 Errors in Remote Browsers with II 7.x | Genius Tech Blog

  6. Many questions…
    for IIS 7.5 , Windows 2008 R2, CLASSIC AppPool (NOT integrated), ASP.NET 4.5.1

    it is no longer necessary to use customErrors?

    And too necessary ?

    enable “Send Errors to Browser” under “ASP” section.
    under “Error Pages / Edit Feature Settings”, select “Detailed errors”.
    disable “Show friendly HTTP error messages” in IE

    http://stackoverflow.com/questions/2640526/detailed-500-error-message-asp-iis-7-5

    http://stackoverflow.com/questions/2480006/what-is-the-difference-between-customerrors-and-httperrors

    http://www.iis.net/configreference/system.webserver/httperrors

    Note: it is no longer necessary to use customErrors

    http://tedgustaf.com/blog/2011/5/custom-404-and-error-pages-for-asp-net-and-static-files/

    http://www.dotnetbull.com/2013/08/httperrors-vs-customerrors-webconfig-iis-aspnet.html

    httpErrors is like Error Pages -> 500 -> Edit Feature Settings -> “Detailed Errors”? http://stackoverflow.com/questions/2640526/detailed-500-error-message-asp-iis-7-5

    customErrors are for asp.net. httpErrors are for IIS7, and so handle content that doesn’t go through the .net handler (e.g. .png, .js etc.) If you want error pages for non-.net content types, use IIS error pages (httpErrors for IIS7, the UI for IIS6.)

    The customErrors attribute is used when the .net code is throwing an exception (404, 403, 500 etc) and the httpErrors attribute is used when IIS itself is throwing an exception.

    This is because by default IIS7 intercepts HTTP status codes such as 4xx and 5xx generated by applications further up the pipeline.

    Also enable “Send Errors to Browser” under “ASP” section. Also under “Error Pages / Edit Feature Settings”, select “Detailed errors”

    I still had to disable “Show friendly HTTP error messages” in IE

    setting the value of the “existingResponse” httpErrors attribute to “PassThrough”. Mine was set at “Replace” which was causing the YSOD not to display.
